oss-security - CVE-2015-3206 python-kerberos: checkPassword() does not verify KDC authenticity
oss-security - AW: Multiple disputed issues in util-vserver
oss-security - About CVE-2012-5645
oss-security - Additional information for packagers concerning recent BIND security vulnerabilities
oss-security - Advisory X41-2017-001: Multiple Vulnerabilities in X.org
oss-security - Announce: OpenSSH 7.3 released
oss-security - Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777
oss-security - Audit: log terminal emulator escape sequences handling CVE-2015-5186
oss-security - BIND9 CVE-2017-3135: Combination of DNS64 and RPZ Can Lead to Crash
oss-security - BIND9 CVE-2017-3140 & CVE-2017-3141
oss-security - Broken authentication on Monkey HTTPD Auth plugin
oss-security - CSRF in the JBoss AS 7 administration console & HTTP management API - CVE-2011-3609
oss-security - CVE ASSIGNMENT CORRECTION -- USE CVE-2011-3590 instead of CVE-2011-2390 [was: Re: kexec-tools: Multiple security flaws by management
oss-security - CVE REJECT CVE-2009-1193
oss-security - CVE Request - XStream: DoS when unmarshalling void
oss-security - CVE Request - multiple ghostscript -dSAFER sandbox problems
oss-security - CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - CVE Request for incomplete fix to CVE-2015-3297 in Etherpad Minify
oss-security - CVE Request(s): VTigerCRM and SugarCRM
oss-security - CVE Request: DBD-mysql: use-after-free in mysql_dr_error
oss-security - CVE Request: Info-ZIP unzip 6.0
oss-security - CVE Request: No demangling of untrusted binaries (2)
oss-security - CVE Request: SimpleSAMLphp: SSPSA 201612-02: Incorrect signature verification
oss-security - CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution
oss-security - CVE Request: Wordpress: 8 security issues in 4.7
oss-security - CVE Request: adequate: privilege escalation via tty hijacking
oss-security - CVE Request: another recursion in GRE
oss-security - CVE Request: libgcrypt hardening for RSA-CRT leak
oss-security - CVE Request: pkexec tty hijacking via TIOCSTI ioctl
oss-security - CVE Request: zendframework SQL injections
oss-security - CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface
oss-security - CVE for tog-pegasus Hash DoS issue from 2011
oss-security - CVE issues with recent python flaws
oss-security - CVE mistake in libsoup release notes
oss-security - CVE request -- coreutils -- tty hijacking possible in "su" via TIOCSTI, ioctl
oss-security - CVE request / advisory: Cherokee
oss-security - CVE request for select() buffer overrun in CHICKEN Scheme on the Android platform
oss-security - CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun)
oss-security - CVE request: Nagios: Incomplete fix for CVE-2016-8641
oss-security - CVE request: Piwik <= 2.16.0 (saveLayout) PHP Object Injection vulnerability
oss-security - CVE request: Zenphoto waraxe-2012-SA#096
oss-security - CVE request: incorrect URL parsing in async-http-client <= 2.0.35
oss-security - CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
oss-security - CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045)
oss-security - CVE request: various NodeJS module vulnerabilities
oss-security - CVE request: webcalendar before 1.2.5 XSS
oss-security - CVE update (CVE-2016-5395) - Fixed in Apache Ranger 0.6.1
oss-security - CVE update (CVE-2016-6815) - Fixed in Ranger 0.6.2
oss-security - CVE update - fixed in Apache Ranger 0.6.3
oss-security - CVE updates: fixes in Apache Atlas 0.7.1-incubating
oss-security - CVE updates: fixes in Apache Atlas 0.8-incubating
oss-security - CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)
oss-security - CVE's for MediaWiki 1.20.2 / 1.19.2
oss-security - CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
oss-security - CVE-2011-3979 being duplicate of CVE-2011-3352
oss-security - CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
oss-security - CVE-2012-2216 - Social Engine Multiples Vulnerabilities (XSS and CSRF)
oss-security - CVE-2012-2238: trytond missing permissions check in button model
oss-security - CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - CVE-2012-5617: gksu-polkit privileged code execution with unprivileged credentials
oss-security - CVE-2012-6302 Soapbox 0.3.1 sandbox bypass
oss-security - CVE-2012-6306 HCView Write Access Violation with GIF file
oss-security - CVE-2012-6307 JPEGsnoop Write Access Violation with JPEG file
oss-security - CVE-2012-6309 Arctic Torrent crash with .torrent file
oss-security - CVE-2013-0293 -- ovirt-node: Lock screen accepts F2 to drop to shell
oss-security - CVE-2013-1666 description still missing
oss-security - CVE-2013-1895 py-bcrypt 0.2 concurrency vulnerability (auth bypass)
oss-security - CVE-2013-2060 OpenShift Origin: Potential remote command execution vulnerability in download cart url
oss-security - CVE-2013-2097: zPanel themes remote command execution as root
oss-security - CVE-2013-2228 : Salt Stack RSA exponent of 1 (there can be only one! da-na-naaah! na-na-na-naahh-nah-nahhh!)
oss-security - CVE-2013-4578 OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars
oss-security - CVE-2013-6876 s3dvt Root shell
oss-security - CVE-2013-7450: Pulp < 2.3.0 distributed the same CA key to all users
oss-security - CVE-2014-0021: chrony traffic amplification in cmdmon protocol
oss-security - CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - CVE-2014-1226 s3dvt Root shell (still)
oss-security - CVE-2014-3114 WordPress plugin ezpz-one-click-backup cmd parameter os command injection
oss-security - CVE-2014-3471 Qemu: hw: pci: use after free triggered via guest
oss-security - CVE-2014-5443: Seafile local horizontal privilege escalation vulnerability
oss-security - CVE-2014-6440: Heap Overflow in VLC Transcode Module
oss-security - CVE-2014-7224 - Android accessibility and accessibilityTraversal vulnerability
oss-security - CVE-2014-8156: freesmartphone.org stack configures D-Bus system bus to be insecure
oss-security - CVE-2014-8166 cups: code execution via unescape ANSI escape sequences
oss-security - CVE-2015-0276: Kallithea: Lack of CSRF attack protection enables gaining unauthorised access to users' accounts
oss-security - CVE-2015-0296 preinstall scriptlet in texlive-base rpm of fedora allows unprivileged user to delete arbitrary files(maybe others)
oss-security - CVE-2015-0841: off-by-one error in network code of monopd/libcapsinetwork
oss-security - CVE-2015-0853: insecure use of os.system() in svn-workbench
oss-security - CVE-2015-0854: Insecure use of system() in shutter
oss-security - CVE-2015-1325 apport race conditions / ubuntu local root
oss-security - CVE-2015-1328: incorrect permission checks in overlayfs, ubuntu local root
oss-security - CVE-2015-1416: vulnerability in patch(1)
oss-security - CVE-2015-1820: ruby rest-client session fixation vulnerability
oss-security - CVE-2015-1835: Remote exploit of secondary configuration variables in Apache Cordova on Android
oss-security - CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert
oss-security - CVE-2015-1864: Multiple HTML and Javascript injections
oss-security - CVE-2015-2080 - Jetty remote unauthenticated credential exposure
oss-security - CVE-2015-3208 hornetq: XXE/SSRF in XPath selector
oss-security - CVE-2015-3210: PCRE Library Heap Overflow Vulnerability
oss-security - CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - CVE-2015-3222 - OSSEC root escalation
oss-security - CVE-2015-3243 rsyslog: some log files are created world-readable
oss-security - CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability
oss-security - CVE-2015-5224 login-utils: file name collision due to incorrect mkstemp use
oss-security - CVE-2015-5232: various /tmp races in opa-fm, opa-ff
oss-security - CVE-2015-5237: Integer overflow in protobuf serialization (currently minor)
oss-security - CVE-2015-5239 Qemu: vnc infinite loop issue
oss-security - CVE-2015-5278 Qemu: net: avoid infinite loop when receiving packets
oss-security - CVE-2015-5282: Foreman stored XSS in parameter hide checkbox
oss-security - CVE-2015-5327 kernel: User triggerable out-of-bounds read
oss-security - CVE-2015-7266
oss-security - CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode
oss-security - CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue
oss-security - CVE-2015-8107 - a2ps(gnu) v4.14 format string vulnerability
oss-security - CVE-2016-0617: linux kernel: hugetlbfs: fix bugs in hugetlb_vmtruncate_list()
oss-security - CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - CVE-2016-0760: Hive builtin functions “reflect”,“reflect2”, and “java_method” are not blocked in Ap
oss-security - CVE-2016-1249: Out-of-bounds read by DBD::mysql >= version 2.9003
oss-security - CVE-2016-1253 most: shell command injection through filenames
oss-security - CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege
oss-security - CVE-2016-2117 memory disclosure to ethernet due to unchecked scatter/gather IO
oss-security - CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*
oss-security - CVE-2016-3083: Apache Hive SSL vulnerability bug disclosure
oss-security - CVE-2016-3091 Diego log encoding vulnerability
oss-security - CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - CVE-2016-3620 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - CVE-2016-3621 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - CVE-2016-3622 libtiff: Divide By Zero in the tiff2rgba tool
oss-security - CVE-2016-3623 libtiff: Divide By Zero in the rgb2ycbcr tool
oss-security - CVE-2016-3624 libtiff: Out-of-bounds Write in the rgb2ycbcr tool
oss-security - CVE-2016-3625 libtiff: Out-of-bounds Read in the tiff2bw tool
oss-security - CVE-2016-3631 - libtiff 4.0.6 illegel read
oss-security - CVE-2016-3632 - libtiff 4.0.6 illegel write
oss-security - CVE-2016-3633 - libtiff 4.0.6 illegel read
oss-security - CVE-2016-3634 - libtiff illegel read
oss-security - CVE-2016-3658 - libtiff 4.0.6 illegel read
oss-security - CVE-2016-3694 modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection
oss-security - CVE-2016-3945 libtiff: Out-of-bounds Write in the tiff2rgba tool
oss-security - CVE-2016-3990 : out-of-bounds write in horizontalDifference8() in tiffcp tool
oss-security - CVE-2016-3991 : out-of-bounds write in loadImage() in tiffcrop tool
oss-security - CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection
oss-security - CVE-2016-4451, CVE-2016-4475: Foreman organizations/locations API/UI privilege escalations
oss-security - CVE-2016-4451: Privileges escalation through Organization and Locations Foreman API
oss-security - CVE-2016-4455: subscription-manager: incorrect permisions in /var/lib/rhsm/
oss-security - CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - CVE-2016-4973 gcc: Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality
oss-security - CVE-2016-4995: Foreman information disclosure through unauthorized template previews
oss-security - CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
oss-security - CVE-2016-5314:libtiff 4.0.6 PixarLogDecode( ) out-of-bound writes
oss-security - CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation
oss-security - CVE-2016-5316: libtiff 4.0.6 tif_pixarlog.c: PixarLogCleanup() Segmentation fault
oss-security - CVE-2016-5317: GNOME nautilus: crash occurs when generating a thumbnail for a crafted TIFF image
oss-security - CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution
oss-security - CVE-2016-5321: libtiff 4.0.6 DumpModeDecode(): Ddos
oss-security - CVE-2016-5322:libtiff 4.0.6 extractContigSamplesBytes: out-of-bounds read
oss-security - CVE-2016-5323: libtiff 4.0.6 tiffcrop _TIFFFax3fillruns(): divide by zero
oss-security - CVE-2016-5390: Foreman information disclosure in host interfaces/parameters API
oss-security - CVE-2016-5399: php: out-of-bounds write in bzread()
oss-security - CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS
oss-security - CVE-2016-5404 freeipa: Insufficient privileges check in certificate revocation
oss-security - CVE-2016-5412 Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode
oss-security - CVE-2016-5425 - Apache Tomcat packaging on RedHat-based distros - Root Privilege Escalation (affecting CentOS, Fedora, OracleLinux, RedHat etc.)
oss-security - CVE-2016-6160: Segmentation fault in tcprewrite (tcpreplay)
oss-security - CVE-2016-6299 mock: privilige escalation via mock-scm
oss-security - CVE-2016-6301: busybox: NTP server denial of service flaw
oss-security - CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang
oss-security - CVE-2016-6327 | Linux kernel crash in infiniband subsystem.
oss-security - CVE-2016-6519: openstack-manila: Persistent XSS in Metadata field
oss-security - CVE-2016-6580, Python Priority: DoS via Unlimited Stream Insertion
oss-security - CVE-2016-6581, Python HPACK and old Python Hyper releases: HPACK Bomb
oss-security - CVE-2016-6803: Apache OpenOffice unquoted search path vulnerability
oss-security - CVE-2016-6804 Apache OpenOfice Advisory
oss-security - CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability
oss-security - CVE-2016-7035 - pacemaker - improper IPC guarding
oss-security - CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing
oss-security - CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
oss-security - CVE-2016-7067 - CSRF in Monit Service Manager
oss-security - CVE-2016-7077: information disclosure from association lists shown without authorization
oss-security - CVE-2016-7078: Foreman organization/location authorization vulnerability
oss-security - CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability
oss-security - CVE-2016-7543 -- bash SHELLOPTS+PS4
oss-security - CVE-2016-7545 -- SELinux sandbox escape
oss-security - CVE-2016-7902: Dotclear <= 2.10.2 (Media Manager) Unrestricted File Upload
oss-security - CVE-2016-7903: Dotclear <= 2.10.2 Password Reset Address Spoof
oss-security - CVE-2016-7980: SPIP 3.1.2 Exec Code Cross-Site Request Forgery
oss-security - CVE-2016-7981: SPIP 3.1.2 Reflected Cross-Site Scripting
oss-security - CVE-2016-7982: SPIP 3.1.1/3.1.2 File Enumeration / Path Traversal
oss-security - CVE-2016-7998: SPIP 3.1.2 Template Compiler/Composer PHP Code Execution
oss-security - CVE-2016-7999: SPIP 3.1.2 Server Side Request Forgery
oss-security - CVE-2016-8610: SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS
oss-security - CVE-2016-8634: Foreman stored XSS in orgs/locations wizard step
oss-security - CVE-2016-8637: dracut creates world readble initramfs when early cpio is used
oss-security - CVE-2016-8638 ipsilon: DoS via logging out all open SAML2 sessions
oss-security - CVE-2016-8639: Foreman stored XSS in orgs/locations in settings
oss-security - CVE-2016-8640 pycsw SQL injection issue
oss-security - CVE-2016-8654 jasper: Heap-based buffer overflow in QMFB code in JPC codec
oss-security - CVE-2016-9015: Python urllib3 1.17 and 1.18 certificate verification failure
oss-security - CVE-2016-9297 LibTIFF regression
oss-security - CVE-2016-9580 CVE-2016-9581 openjpeg2: heap buffer oevrflows
oss-security - CVE-2016-9583 jasper: Out of bounds heap read in jpc_pi_nextpcrl()
oss-security - CVE-2016-9591 jasper: Use-after-free on heap in jas_matrix_destroy
oss-security - CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem
oss-security - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection
oss-security - CVE-2017-0357: iucode-tool (v1.4 to v2.1): heap buffer overflow on -tr loader
oss-security - CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables
oss-security - CVE-2017-1000083: evince: Command injection vulnerability in CBT handler
oss-security - CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
oss-security - CVE-2017-10806 Qemu: usb-redirect: stack buffer overflow in debug logging
oss-security - CVE-2017-11171: gnome-session: Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c
oss-security - CVE-2017-11334 Qemu: exec: oob access during dma operation
oss-security - CVE-2017-11343 CHICKEN Scheme: algorithmic complexity attack in hash tables
oss-security - CVE-2017-12153 Linux kernel: nl80211: null pointer dereference in nl80211_set_rekey_data()
oss-security - CVE-2017-14160: libvorbis-1.3.5 bark_noise_hybridmp() integer signedness bug
oss-security - CVE-2017-2575 libbpg: NULL pointer dereference in image_alloc
oss-security - CVE-2017-2581, CVE-2017-2579, CVE-2017-2580, CVE-2017-2586, CVE-2017-2587: Multiple vulnerabilities in netpbm
oss-security - CVE-2017-2591 389 Directory Server: DoS via OOB heap read in "attribute uniqueness" plugin
oss-security - CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
oss-security - CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo
oss-security - CVE-2017-2630 Qemu: nbd: oob stack write in client routine drop_sync
oss-security - CVE-2017-2633 Qemu: VNC: memory corruption due to unchecked resolution limit
oss-security - CVE-2017-2667: Hammer CLI SSL certificate verification disabled
oss-security - CVE-2017-2669: Dovecot DoS when passdb dict was used for authentication
oss-security - CVE-2017-2672: Foreman image password disclosure in audit log
oss-security - CVE-2017-2885 libsoup - stack based buffer overflow with HTTP Chunked Encoding
oss-security - CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure)
oss-security - CVE-2017-5589+ Multiple XMPP Clients User Impersonation Vulnerability
oss-security - CVE-2017-7467: minicom and prl-vzvncserver vt100.c escparms[] buffer overflow
oss-security - CVE-2017-7471 Qemu: 9p: virtfs allows guest to change filesystem attributes on host
oss-security - CVE-2017-7482 Linux kernel: krb5 ticket decode len check.
oss-security - CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation
oss-security - CVE-2017-7539 Qemu: qemu-nbd crashes due to undefined I/O coroutine
oss-security - CVE-2017-7558: Linux kernel: sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()
oss-security - CVE-2017-7659: mod_http2 null pointer dereference
oss-security - CVE-2017-7669: Apache Hadoop privilege escalation
oss-security - CVE-2017-7980 Qemu: display: cirrus: OOB r/w access issues in bitblt routines
oss-security - CVE-2017-8086 Qemu: 9pfs: host memory leakage via v9pfs_list_xattr
oss-security - CVE-2017-8112 Qemu: scsi: vmw_pvscsi: infinite loop in pvscsi_log2
oss-security - CVE-2017-8380 Qemu: scsi: megasas: out-of-bounds read in megasas_mmio_write
oss-security - CVE-2017-9060 Qemu: virtio-gpu: host memory leakage in Virtio GPU device
oss-security - CVE-2017-9310 Qemu: net: infinite loop in e1000e NIC emulation
oss-security - CVE-2017-9330 Qemu: usb: ohci: infinite loop due to incorrect return value
oss-security - CVE-2017-9772: OCaml release 4.04.2
oss-security - CVE-request: Joomla core information disclosure 372-20111003
oss-security - CVEs for vulnerabilities listed in MySQL 5.6.33 release note
oss-security - Code Execution through a variety Java (Un-)Marshallers
oss-security - Corrections to CVE-2015-3297
oss-security - Cross-site scripting flaw in AskBot
oss-security - DOM based XSS in the JBoss AS 7 administration console - CVE-2011-3606
oss-security - Defense4all security advisory: CVE-2014-8149 users can export report data to an arbitrary file on the server's filesystem
oss-security - Docker 1.3.3 - Security Advisory [11 Dec 2014]
oss-security - Dokeos 2.1.1 XSS CVE-2012-5776
oss-security - Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Duplicate CVE: CVE-2015-7703 in NTP
oss-security - Expat 2.2.1 security fixes
oss-security - Fedora Atomic - downloads updates over HTTP (CVE-2015-3229)
oss-security - Four BIND vulnerabilities have been disclosed today (11 January) that are fixed in new security releases
oss-security - FreeBSD Security Advisory FreeBSD-SA-14:13.pam
oss-security - Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less
oss-security - Fwd: CVE request - samsumg android phone SVE-2016-6244 Possible Privilege Escalation in telecom
oss-security - Fwd: CVE requests
oss-security - Fwd: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code
oss-security - Fwd: Multiple Vulnerabilities in Simple HRM system v2.3 and below
oss-security - Fwd: Old CVE ids, public, but still "RESERVED"
oss-security - Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability
oss-security - Fwd: [scr231911] SVE-2016-6248: SystemUI Security issue
oss-security - Grails Console is still vulnerable to CSRF CVE-2016-6521
oss-security - GraphicsMagick 1.3.25 fixes some security issues
oss-security - HT Editor 2.0.20 buffer overflows CVE-2012-5867
oss-security - Huge-IT Portfolio Gallery manager v1.1.5 SQL Injection and XSS
oss-security - ISC announces three BIND vulnerabilities
oss-security - ISC announces two BIND vulnerabilities
oss-security - Important vulnerability in Dovecot (CVE-2016-8652)
oss-security - Incomplete fix for CVE-2016-8641 (Nagios local root via (sym)links)
oss-security - Incorrect handling of self signed certificates in OpenFire XMPP Server
oss-security - Information on CVE-2014-0158, openjpeg
oss-security - Is CVE-2015-4650 a duplicate, leak, or just a typo?
oss-security - Jenkins plugins -- multiple fixes
oss-security - Jenkins plugins -- multiple vulnerabilities
oss-security - LMS-2014-06-16-1: Oberhumer LZO
oss-security - LMS-2014-06-16-3: Libav LZO
oss-security - LMS-2014-06-16-4: FFmpeg LZO
oss-security - LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability
oss-security - LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues
oss-security - Libgcrypt 1.7.8 fixes "Sliding right into disaster" RSA side-channel attack (CVE-2017-7526)
oss-security - Libgcrypt and GnuPG 1.4 RNG output prediction
oss-security - Linux Kernel use-after-free in SCSI generic device interface
oss-security - Linux encrypted boot security, was: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - LinuxMint - temp file creation vulns in mintNanny and mintUpdate
oss-security - MP3::Info file loading from cwd
oss-security - Mailcwp remote file upload vulnerability incomplete fix v1.100
oss-security - Medium risk security flaws in Konqueror
oss-security - Moodle security notifications public
oss-security - Moodle security release 3.0.4, 2.9.6, 2.8.12, 2.7.14
oss-security - Multiple CVE info for Ipsilon
oss-security - Multiple issues in libVNCserver
oss-security - Multiple vulnerabilities in Jenkins
oss-security - Multiple vulnerabilities in LibTIFF and associated tools
oss-security - MySQL / MariaDB / Percona - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / CVE-2016-5616]
oss-security - MySQL / MariaDB / Percona - Root Privilege Escalation Exploit [ CVE-2016-6664 / CVE-2016-5617 ]
oss-security - Netty/Play's Security Updates (CVE-2015-2156)
oss-security - New security vulnerability for Apache CXF Fediz - CVE-2015-5175
oss-security - Notification of upstream Condor security fixes
oss-security - OS command injection vulnerability in Chicken Scheme
oss-security - OpenDaylight security advisory: CVE-2015-1778 authentication bypass, CVE-2015-1611 CVE-2015-1612 topology spoofing via LLDP
oss-security - OpenStack Ironic does not honor clean steps (CVE-2015-7514)
oss-security - OpenVZ simfs container filesystem breakout
oss-security - Out of bounds read and signed integer overflow in libarchive
oss-security - Please REJECT CVE-2012-6686
oss-security - Please reject CVE-2011-0705
oss-security - Please reject duplicate CVE for libxml2
oss-security - Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree
oss-security - Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)
oss-security - Possible "new" CVE for Zoo directory traversal
oss-security - PowerDNS Security Advisories 2016-02, 2016-03, 2016-04 and 2016-05
oss-security - PowerDNS Security Advisories for dnsdist 2017-01 and 2017-02
oss-security - PowerDNS Security Advisory 2015-02
oss-security - Problems in automatic crash analysis frameworks
oss-security - Pulp 2.6.4 released for CVE-2015-5263
oss-security - Pulp 2.8.2 release for CVE-2016-3095
oss-security - Pulp 2.8.3 Released to address multiple CVEs
oss-security - Python CVE-2016-0772: smtplib StartTLS stripping attack
oss-security - QEMU image format input validation fixes (multiple CVEs)
oss-security - Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)
oss-security - Qualys Security Advisory - The Stack Clash
oss-security - RCE vulnerability in Openstack Murano using insecure YAML tags (CVE-2016-4972)
oss-security - RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156)
oss-security - RE: CVE request: XSS in MantisBT
oss-security - RE: CVE request: python-pyrad insecurities
oss-security - RE: CVE request: surf
oss-security - RE: CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
oss-security - RE: OS command injection vulnerability in Chicken Scheme
oss-security - RE: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - RE: Re: SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws
oss-security - RE: request for CVEs for git clients
oss-security - REJECT CVE-2015-1861
oss-security - Re: CVE request - asterisk, python-markdown, jetty, kde
oss-security - Re: (possible) CVE request: suPHP 0.7.2 release fixed a possible arbitrary code execution
oss-security - Re: 2 moderate (borderline low) docker flaws fixed in >=1.5 and possibly earlier
oss-security - Re: 3 bugs refer to buffer overflow in in libtiff 4.0.6
oss-security - Re: A CGI application vulnerability for PHP, Go, Python and others
oss-security - Re: A CGI application vulnerability for PHP, Go, Python and others - CHICKEN eggs
oss-security - Re: A number of EncFS issues
oss-security - Re: A small backlog of vulnerabilities in Chicken Scheme
oss-security - Re: About CVE-2012-5645
oss-security - Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777
oss-security - Re: Ansible CVE requests
oss-security - Re: Asking for CVE for imagemagick
oss-security - Re: Assign a CVE for Python's restkit Please
oss-security - Re: BUG_ON crash in linux 4.7-rc6/master skbuff.c
oss-security - Re: Batavi 1.0 - XSRF bug fixed
oss-security - Re: Berkeley DB reads DB_CONFIG from cwd
oss-security - Re: Browsing and attaching images considered harmful in Linux
oss-security - Re: Buffer Overflow in lha compression utility
oss-security - Re: Buffer overflow in libarchive-3.2.0
oss-security - Re: Buffer overflow in pycrypto
oss-security - Re: Bugs fixed in libevent 2.1.6
oss-security - Re: CVE Assignment for Crypto++ and "AES and incorrect argument to _freea() under Microsoft compilers"
oss-security - Re: CVE ID Request for Python CGIHTTPServer File Disclosure
oss-security - Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis
oss-security - Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis
oss-security - Re: CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations
oss-security - Re: CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations
oss-security - Re: CVE Request (minor) -- JVM: heap memory disclosure (possibly various JDKs)
oss-security - Re: CVE Request (two ids) -- Xchat-WDK (prior 1499-4 [2012-01-18]) and Xchat-v2.8.6 on Maemo architecture -- Heap-based buffer
oss-security - Re: CVE Request - CSRF vulnerability in the Google Analyticator Wordpress Plugin v6.4.9.3 before rev @1183563
oss-security - Re: CVE Request - Code execution vulnerability in GNU/bash v4.4 autocompletion
oss-security - Re: CVE Request - Exponent CMS 2.3.9 multi-vulnerabilities in install code
oss-security - Re: CVE Request - Full Path disclosure on Wordpress plugin NextGEN Gallery
oss-security - Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: CVE Request - Linux kernel - securelevel/secureboot bypass.
oss-security - Re: CVE Request - OpenJPEG: Security Fixes
oss-security - Re: CVE Request - OpenSLP 2.0 Memory Corruption
oss-security - Re: CVE Request - OpenSLP 2.0 Memory Corruption
oss-security - Re: CVE Request - OpenSLP 2.0 Memory Corruption
oss-security - Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets
oss-security - Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow
oss-security - Re: CVE Request - Portable UPnP SDK 1.6.19 through 1.8.x
oss-security - Re: CVE Request - Remote DoS vulnerabilities in BitlBee
oss-security - Re: CVE Request - Ruby OpenSSL Library - IV Reuse in GCM Mode
oss-security - Re: CVE Request - Samsung Exynos GPU driver OOB read
oss-security - Re: CVE Request - Samsung Exynos fimg2d Multiple Issues
oss-security - Re: CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference
oss-security - Re: CVE Request - Slim 1.3.6 fixes a security issue
oss-security - Re: CVE Request - TRE & musl libc regex integer overflows in buffer size computations
oss-security - Re: CVE Request - TRE & musl libc regex integer overflows in buffer size computations
oss-security - Re: CVE Request - TrueCrypt 7.1a and VeraCrypt 1.14 Local Elevation of Privilege
oss-security - Re: CVE Request - XStream: DoS when unmarshalling void
oss-security - Re: CVE Request - cups: 'Listen localhost:631' option not honoured correctly on IPv6-enabled systems when systemd used for CUPS
oss-security - Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
oss-security - Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
oss-security - Re: CVE Request -- Broadcom Wifi Driver Brcmfmac brcmf_cfg80211_start_ap Buffer Overflow
oss-security - Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001
oss-security - Re: CVE Request -- FreeRDP: Multiple security fixes in 1.1.0-beta1 version
oss-security - Re: CVE Request -- FreeRDP: Multiple security fixes in 1.1.0-beta1 version
oss-security - Re: CVE Request -- Freeciv (X < 2.3.3): DoS (memory exhaustion or excessive CPU consumption) via malformed network packets
oss-security - Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
oss-security - Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
oss-security - Re: CVE Request -- LDAP Account Manager Pro / PhpLDAPadmin -- Multiple XSS flaws
oss-security - Re: CVE Request -- MediaWiki 1.19.2 and 1.18.5 multiple security flaws
oss-security - Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly
oss-security - Re: CVE Request -- Mercurial --Doesn't verify subject Common Name properly
oss-security - Re: CVE Request -- Mumble server (Murmur) / Qt SQLite -- Remotely exploitable DoS (murmur termination) due QueryUsers Qt
oss-security - Re: CVE Request -- OpenOffice.org -- InteVyDis Demo of OpenOffice 0day. Released with VulnDisco 8.8 pack (release date
oss-security - Re: CVE Request -- OpenVAS Manager v2.0.3
oss-security - Re: CVE Request -- Polipo -- Assertion failure by processing certain HTTP POST / PUT requests
oss-security - Re: CVE Request -- Ruby (OpenSSL extension) -- Insecure way of creation exponent value by private RSA key generation
oss-security - Re: CVE Request -- Smarty -- {smarty.template} && {smarty.currentdir} security bypass
oss-security - Re: CVE Request -- Transmission v1.92
oss-security - Re: CVE Request -- WebSVN -- execCommand() remote commands injection vulnerability
oss-security - Re: CVE Request -- WordPress v3.1.2
oss-security - Re: CVE Request -- Zend Framework -- SQL injection when using PDO_MySql
oss-security - Re: CVE Request -- Zikula (v1.3.x) -- XSS flaw due improper sanitization of 'themename' parameter by setting default,
oss-security - Re: CVE Request -- apt
oss-security - Re: CVE Request -- autojump: autojump profile will load random stuff from a directory called custom_install
oss-security - Re: CVE Request -- drupal6-views_bulk_operations: XSS due improper escaping of a vocabulary help (SA-CONTRIB-2011-042)
oss-security - Re: CVE Request -- evolution -- Uses insecure (non-SSL) connection when storing the sent message into the Sent folder
oss-security - Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command
oss-security - Re: CVE Request -- fwknop 2.0.3: Multiple security issues
oss-security - Re: CVE Request -- fwknop 2.0.3: Multiple security issues
oss-security - Re: CVE Request -- gnome-desktop3: Switching users dialog does not lock the screen for the original user account
oss-security - Re: CVE Request -- gnome-desktop3: Switching users dialog does not lock the screen for the original user account
oss-security - Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- kernel: tcp: drop SYN+FIN messages
oss-security - Re: CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics
oss-security - Re: CVE Request -- pam_yubico -- Authentication bypass via NULL password
oss-security - Re: CVE Request -- php-ZendFramework: XSS vectors in multiple Zend Framework components (ZF2012-03)
oss-security - Re: CVE Request -- phpLDAPadmin -- Local file inclusion flaw in "common.php" via "Accept-Language" HTTP header leading to DoS
oss-security - Re: CVE Request -- pootle -- XSS via 'match_names' parameter on translate.html page
oss-security - Re: CVE Request -- quagga (ospf6d): Assertion failure when removing routes (retrieving information which route to remove)
oss-security - Re: CVE Request -- redis: Two insecure temporary file use flaws
oss-security - Re: CVE Request -- redis: Two insecure temporary file use flaws
oss-security - Re: CVE Request -- roundup: Multiple XSS flaws plus other security related fixes corrected in upstream 1.4.20 version
oss-security - Re: CVE Request -- rpcbind -- Insecure (predictable) temporary file use
oss-security - Re: CVE Request -- rpcbind -- Insecure (predictable) temporary file use
oss-security - Re: CVE Request -- rpcbind -- Insecure (predictable) temporary file use
oss-security - Re: CVE Request -- rpcbind -- Insecure (predictable) temporary file use
oss-security - Re: CVE Request -- rpcbind -- Insecure (predictable) temporary file use
oss-security - Re: CVE Request -- xscreensaver -- exits when activated
oss-security - Re: CVE Request -- yaws -- Directory traversal flaw
oss-security - Re: CVE Request -- yum: Not removing bad metadata and using it in next run
oss-security - Re: CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate
oss-security - Re: CVE Request : IPv6 Hop limit lowering via RA messages
oss-security - Re: CVE Request : Libtorrent 1.1.0 inflate_gzip denial of service
oss-security - Re: CVE Request : Use-after-free in gifcolor
oss-security - Re: CVE Request : Use-after-free in openjpeg
oss-security - Re: CVE Request ImageMagick buffer overflow
oss-security - Re: CVE Request Openstack-infra puppet-gerrit module xss vulnerability
oss-security - Re: CVE Request Qemu: Information leak in vmxnet3_complete_packet
oss-security - Re: CVE Request Qemu: net: e1000 infinite loop issue
oss-security - Re: CVE Request Qemu: net: e1000 infinite loop issue
oss-security - Re: CVE Request Qemu: scsi: megasas: out-of-bounds read in megasas_lookup_frame() function
oss-security - Re: CVE Request Qemu: scsi: megasas: out-of-bounds write while setting controller properties
oss-security - Re: CVE Request Qemu: scsi: megasas: stack information leakage while reading configuration
oss-security - Re: CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages
oss-security - Re: CVE Request Qemu: usb: xhci memory leakage during device unplug
oss-security - Re: CVE Request Qemu: virtio: infinite loop in virtqueue_pop
oss-security - Re: CVE Request Qemu: vmware_vga: OOB stack memory access when processing svga command
oss-security - Re: CVE Request for Denial of Service in pacman 5.0.1
oss-security - Re: CVE Request for Drupal Contributed Modules
oss-security - Re: CVE Request for Drupal Contributed Modules
oss-security - Re: CVE Request for Drupal contributed modules
oss-security - Re: CVE Request for Drupal contributed modules
oss-security - Re: CVE Request for Drupal contributed modules
oss-security - Re: CVE Request for Drupal contributed modules
oss-security - Re: CVE Request for KNewStuff/KArchive issue
oss-security - Re: CVE Request for WP Fastest Cache plugin
oss-security - Re: CVE Request for Wordpress-Plugin Broken Link Checker v1.10.8: Persistent XSS in admin panel enabled by modified headers
oss-security - Re: CVE Request for ZFS on Linux
oss-security - Re: CVE Request for incomplete fix to CVE-2015-3297 in Etherpad Minify
oss-security - Re: CVE Request for information leak in Etherpad exports
oss-security - Re: CVE Request for read-only directory traversal in Etherpad Minify
oss-security - Re: CVE Request for read-only directory traversal in Etherpad frontend tests
oss-security - Re: CVE Request for requests-kerberos
oss-security - Re: CVE Request for spamdyke "STARTTLS" Plaintext
oss-security - Re: CVE Request uclibc-ng dns resolver issues
oss-security - Re: CVE Request, Use after free vulnerability in Dwarfdump
oss-security - Re: CVE Request: -- Linux kernel: double free in netlink_dump
oss-security - Re: CVE Request: 2015 squidguard reflected XSS
oss-security - Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd
oss-security - Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd
oss-security - Re: CVE Request: A read out-of-bands was found in the parsing of TGA files using libgd
oss-security - Re: CVE Request: ATutor LMS Version 2.2 with stored XSS and file upload issue
oss-security - Re: CVE Request: Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability
oss-security - Re: CVE Request: Ansible not caching SSH host keys
oss-security - Re: CVE Request: Any User Can Panic Kernel Through Sysctl on OpenBSD
oss-security - Re: CVE Request: Arm Mali gpu driver Dos vulnerability
oss-security - Re: CVE Request: Audio File Library
oss-security - Re: CVE Request: BusyBox tar directory traversal
oss-security - Re: CVE Request: Bypass Restricted Python - Plone
oss-security - Re: CVE Request: CPAN perl module Data::UUID symlink attacks
oss-security - Re: CVE Request: CSRF in Grails console
oss-security - Re: CVE Request: Cap'n Proto: Several issues
oss-security - Re: CVE Request: Clipboard Perl module: clipedit: insecure use of temporary files
oss-security - Re: CVE Request: Concrete CMS 5.4.1.1 <= Cross Site Scripting
oss-security - Re: CVE Request: Cryptography 1.5.3: HKDF might return an empty byte-string
oss-security - Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error
oss-security - Re: CVE Request: Default password in openstack / crowbar trove
oss-security - Re: CVE Request: Denial-of-Service / Unexploitable Memory Corruption in mmap() on OpenBSD
oss-security - Re: CVE Request: Django CMS
oss-security - Re: CVE Request: Django CMS
oss-security - Re: CVE Request: Dotclear: XSS vulnerability in comments managment page and media exclusion control enforcement
oss-security - Re: CVE Request: Elgg 1.7.10 <= | Multiple Vulnerabilities
oss-security - Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files
oss-security - Re: CVE Request: Gambas Directory hijack vulnerability
oss-security - Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file
oss-security - Re: CVE Request: GnuTLS: GNUTLS-SA-2016-1: File overwrite by setuid programs
oss-security - Re: CVE Request: Hash collision issue in Mono/C# (similar to Microsoft .NET issue)
oss-security - Re: CVE Request: Horde_Ldap: Stricter parameter check in bind() to detect empty passwords
oss-security - Re: CVE Request: IPTables-Parse: Use of predictable names for temporary files
oss-security - Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors
oss-security - Re: CVE Request: Info-ZIP unzip 6.0
oss-security - Re: CVE Request: Info-ZIP unzip 6.0
oss-security - Re: CVE Request: Info-ZIP unzip 6.0
oss-security - Re: CVE Request: Info-ZIP unzip 6.0
oss-security - Re: CVE Request: Info-Zip zipinfo buffer overflow
oss-security - Re: CVE Request: Information disclosure in MantisBT
oss-security - Re: CVE Request: Information disclosure in MantisBT
oss-security - Re: CVE Request: Insecure Software Download in pip
oss-security - Re: CVE Request: Insecure Software Download in pip
oss-security - Re: CVE Request: IrRegular Expressions resource exhaustion in regex compilation [was: Re: CVE Request: resource exhaustion in regex expression handling in WebKit]
oss-security - Re: CVE Request: Irssi Multiple Vulnerabilities (2017/01)
oss-security - Re: CVE Request: Irssi out of bounds read in format string
oss-security - Re: CVE Request: Jcow CMS 4.2 <= | Cross Site Scripting
oss-security - Re: CVE Request: Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
oss-security - Re: CVE Request: Jenkins and plugins
oss-security - Re: CVE Request: Joomla! 1.6.0 | SQL Injection Vulnerability
oss-security - Re: CVE Request: Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities
oss-security - Re: CVE Request: Linux kernel crypto api unprivileged arbitrary module load
oss-security - Re: CVE Request: Linux: ip6_gre: invalid reads in ip6gre_err()
oss-security - Re: CVE Request: Linux: net: out-of-bounds due do a signedness issue when defragging ipv6
oss-security - Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE
oss-security - Re: CVE Request: Local Privilege Escalation in QEMU virtfs-proxy-helper
oss-security - Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza
oss-security - Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza
oss-security - Re: CVE Request: MUJS null pointer dereference and Heap buffer overflow write
oss-security - Re: CVE Request: Magento SWF XSS
oss-security - Re: CVE Request: Mambo CMS 4.6.x | Multiple Cross Site Scripting Vulnerabilities
oss-security - Re: CVE Request: MediaWiki 1.25.3, 1.24.4 and 1.23.11
oss-security - Re: CVE Request: MediaWiki Security Releases 1.20.4 and 1.19.5
oss-security - Re: CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23
oss-security - Re: CVE Request: NetworkManager arbitrary file access
oss-security - Re: CVE Request: NetworkManager creates an open network when asked to create an adhoc-WPA network
oss-security - Re: CVE Request: NetworkManager creates an open network when asked to create an adhoc-WPA network
oss-security - Re: CVE Request: No Demangling During Analysis of Untrusted Binaries
oss-security - Re: CVE Request: No demangling of untrusted binaries (2)
oss-security - Re: CVE Request: No demangling of untrusted binaries (2)
oss-security - Re: CVE Request: Nova-LXD incorrectly applied Neutron security group rules
oss-security - Re: CVE Request: OSSIM multiple vulnerabilities
oss-security - Re: CVE Request: OTRS: execution of JavaScript in OTRS context by opening malicious attachment
oss-security - Re: CVE Request: October CMS - Stored XSS in image caption tag
oss-security - Re: CVE Request: OpenAFS: directory information leaks (OPENAFS-SA-2016-003)
oss-security - Re: CVE Request: OpenJPEG Heap Buffer Overflow Issue
oss-security - Re: CVE Request: OpenPNE 3, opWebAPIPlugin, opOpenSocialPlugin -- XXE vulnerability fix
oss-security - Re: CVE Request: Openpgp.js Critical vulnerability in S2K
oss-security - Re: CVE Request: PCRE Library Heap Overflow Vulnerability in find_fixedlength()
oss-security - Re: CVE Request: PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability
oss-security - Re: CVE Request: Percona Toolkit automatic version check - remote code execution / information leak
oss-security - Re: CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user
oss-security - Re: CVE Request: Pidgin XMPP remote crash (#62)
oss-security - Re: CVE Request: Pidgin XMPP remote crash (#62)
oss-security - Re: CVE Request: Plone Privilege Escalation
oss-security - Re: CVE Request: Plone Sandbox escape vulnerability
oss-security - Re: CVE Request: Plone Unauthorized user creation
oss-security - Re: CVE Request: Plone XSS
oss-security - Re: CVE Request: Plone header injection
oss-security - Re: CVE Request: Potential DoS in Crypto++ ASN.1 parser
oss-security - Re: CVE Request: Privilege escalation in webdav - Plone
oss-security - Re: CVE Request: Python keyring
oss-security - Re: CVE Request: Python keyring
oss-security - Re: CVE Request: Qemu: net: vmxnet: integer overflow in packet initialisation
oss-security - Re: CVE Request: Qemu: scsi: mptsas infinite loop in mptsas_fetch_requests
oss-security - Re: CVE Request: Qemu: scsi: pvscsi: infinite loop when processing IO requests
oss-security - Re: CVE Request: Roundcube: XSS issue in SVG image handling and protection for download urs against CSRF
oss-security - Re: CVE Request: Shaarli: Several XSS in index.php
oss-security - Re: CVE Request: SimpleSAMLphp: SSPSA 201612-01: Incorrect signature verification
oss-security - Re: CVE Request: SimpleSAMLphp: SSPSA 201612-02: Incorrect signature verification
oss-security - Re: CVE Request: Stalin: Insecure use of temporary files
oss-security - Re: CVE Request: Stored Cross-Site Scripting in TYPO3 Bookmarks
oss-security - Re: CVE Request: SuiteCRM Post-Auth Race Condition Shell Upload Remote Code Execution.
oss-security - Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor"
oss-security - Re: CVE Request: The minissdpd (v 1.2.20130907-3) is affected by an improper validation of array index weakness
oss-security - Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions
oss-security - Re: CVE Request: UnRTF: stack-based buffer overflows in cmd_* functions
oss-security - Re: CVE Request: Unauthorized disclosure of site content - Plone
oss-security - Re: CVE Request: Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability
oss-security - Re: CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution
oss-security - Re: CVE Request: W3 Total Cache - public cache exposure
oss-security - Re: CVE Request: WebAuth: Authentication credential disclosure
oss-security - Re: CVE Request: WebKitGTK+ late TLS certificate verification
oss-security - Re: CVE Request: WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability
oss-security - Re: CVE Request: WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability
oss-security - Re: CVE Request: Wordpress: 8 security issues in 4.7
oss-security - Re: CVE Request: Write out-of-bounds in gdk-pixbuf 2.30.7
oss-security - Re: CVE Request: XML entity expansion in the XML::Atom Perl module
oss-security - Re: CVE Request: XSS in smokeping / start and end time fields not filtered
oss-security - Re: CVE Request: XSS issue in MantisBT permalink_page.php
oss-security - Re: CVE Request: XSS vulns in b2evolution v6.7.5
oss-security - Re: CVE Request: XXE vulnerability in Restlet
oss-security - Re: CVE Request: XXE vulnerability in Restlet
oss-security - Re: CVE Request: YaBB 2.5.2 and earlier arbitrary code execution
oss-security - Re: CVE Request: Zabbix: SQL injection vulnerabilities in "Latest data"
oss-security - Re: CVE Request: Zend Framework: Potential SQL injection in ORDER and GROUP statements of Zend_Db_Select
oss-security - Re: CVE Request: adequate: privilege escalation via tty hijacking
oss-security - Re: CVE Request: another recursion in GRE
oss-security - Re: CVE Request: bbPress 1.0.2 <= Cross Site Scripting Vulnerability
oss-security - Re: CVE Request: bson-ruby DoS and possible injection
oss-security - Re: CVE Request: cabextract -- directory traversal
oss-security - Re: CVE Request: click
oss-security - Re: CVE Request: cobbler (Ubuntu-specific)
oss-security - Re: CVE Request: devscripts: licensecheck: arbitrary shell command injection
oss-security - Re: CVE Request: docker2aci: Path traversals present in image converting
oss-security - Re: CVE Request: drupal7-entity: multiple access bypass vulnerabilities
oss-security - Re: CVE Request: evolution mail client GPG key selection issue
oss-security - Re: CVE Request: evolution mail client GPG key selection issue
oss-security - Re: CVE Request: evolution mail client GPG key selection issue
oss-security - Re: CVE Request: evolution mail client GPG key selection issue
oss-security - Re: CVE Request: ffmpeg remote exploitaion results code execution
oss-security - Re: CVE Request: ffmpeg/libav
oss-security - Re: CVE Request: ffmpeg/libav
oss-security - Re: CVE Request: foo2zjs
oss-security - Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer
oss-security - Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3
oss-security - Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3
oss-security - Re: CVE Request: gitolite world writable files for fresh installs of v3.5.3
oss-security - Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()
oss-security - Re: CVE Request: gstreamer plugins
oss-security - Re: CVE Request: gstreamer plugins
oss-security - Re: CVE Request: ha -- directory traversals
oss-security - Re: CVE Request: heap overflow in Python zipimport module
oss-security - Re: CVE Request: html5lib: potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers
oss-security - Re: CVE Request: icoutils: exploitable crash in wrestool programm
oss-security - Re: CVE Request: icoutils: exploitable crash in wrestool programm
oss-security - Re: CVE Request: ikiwiki: cross-site scripting via openid_identifier
oss-security - Re: CVE Request: irssi: information disclosure vulnerabilit in buf.pl
oss-security - Re: CVE Request: kmail: Attachments are not encrypted when "automatic encryption" is selected
oss-security - Re: CVE Request: libgcrypt hardening for RSA-CRT leak
oss-security - Re: CVE Request: libgd - gdCtxPrintf memory leak
oss-security - Re: CVE Request: libgd: Invalid color index is not properly handled leading to denial of service (crash)
oss-security - Re: CVE Request: libgd: Out-Of-Bounds Read in function read_image_tga of gd_tga.c
oss-security - Re: CVE Request: libgd: Stack Buffer Overflow in GD dynamicGetbuf
oss-security - Re: CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif
oss-security - Re: CVE Request: libtiff: Out-of-bounds Write memcpy and less bound check in tiff2pdf
oss-security - Re: CVE Request: libtiff: heap buffer overflow/read outside of array
oss-security - Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField()
oss-security - Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands
oss-security - Re: CVE Request: memory leak in openssl "hostname" TLS Extension
oss-security - Re: CVE Request: mod-gnutls: GnuTLSClientVerify require is ignored
oss-security - Re: CVE Request: nettle's RSA code is vulnerable to cache sharing related attacks
oss-security - Re: CVE Request: null pointer deref in openslp, can be triggered remotely
oss-security - Re: CVE Request: openshift-node is logging private RSA keys to the systemd journal
oss-security - Re: CVE Request: overlayfs
oss-security - Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196?
oss-security - Re: CVE Request: patch: directory traversal via file rename
oss-security - Re: CVE Request: pcsc-lite use-after-free and double-free
oss-security - Re: CVE Request: perl: XSLoader: could load shared library from incorrect location
oss-security - Re: CVE Request: pgbouncer: DoS/remote crash: invalid packet order causes lookup of NULL pointer
oss-security - Re: CVE Request: php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter
oss-security - Re: CVE Request: phpbb open redirect
oss-security - Re: CVE Request: pkexec tty hijacking via TIOCSTI ioctl
oss-security - Re: CVE Request: ppmd -- directory traversals
oss-security - Re: CVE Request: redis: World readable .rediscli_history
oss-security - Re: CVE Request: reseed
oss-security - Re: CVE Request: resource exhaustion in regex expression handling in WebKit
oss-security - Re: CVE Request: roundcube: XSS vulnerability in mail content page
oss-security - Re: CVE Request: rsyslogd memory leaks
oss-security - Re: CVE Request: rubygem passenger security issue
oss-security - Re: CVE Request: rubygem-nokogiri Multiple DoS vulnerabilities
oss-security - Re: CVE Request: s-nail local root
oss-security - Re: CVE Request: salt confidentiality issue
oss-security - Re: CVE Request: samba, cifs-utils
oss-security - Re: CVE Request: smokeping incomplete fix for CVE-2012-0790
oss-security - Re: CVE Request: systemd v209+: local denial-of-service attack
oss-security - Re: CVE Request: tboot failing to measure commandline parameters
oss-security - Re: CVE Request: teeworlds: possible remote code execution on teeworlds client
oss-security - Re: CVE Request: thermald
oss-security - Re: CVE Request: tor: new upstream releases (0.2.6.7, 0.2.5.12 and 0.2.4.27) fixing security issues
oss-security - Re: CVE Request: two flaws in hesiod permitting privilege elevation
oss-security - Re: CVE Request: two security fixes in libgit2 0.25.1, 0.24.6
oss-security - Re: CVE Request: two security fixes in libgit2 0.25.1, 0.24.6
oss-security - Re: CVE Request: uclibc-ng (and uclibc): ARM arch: code execution
oss-security - Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl
oss-security - Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl -- chroot
oss-security - Re: CVE Request: wireshark releases
oss-security - Re: CVE Request: xdg-utils: xdg-open: command injection vulnerability
oss-security - Re: CVE Request: zlib security issues found during audit
oss-security - Re: CVE Requests Facebook HHVM
oss-security - Re: CVE Requests for Drupal 7.41 and contributed modules
oss-security - Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156)
oss-security - Re: CVE Requests for phpCAS
oss-security - Re: CVE Requests: Information exposure caused by ecryptfs-setup-swap failures
oss-security - Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
oss-security - Re: CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c
oss-security - Re: CVE assignment for PHP 5.6.27 and 7.0.12
oss-security - Re: CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0
oss-security - Re: CVE for ISPConfig 3.0.4.3 \"Add new Webdav user\" can chmod and chown entire server from client interface
oss-security - Re: CVE for OpenBSD random() bug?
oss-security - Re: CVE for PHP 5.5.37 issues
oss-security - Re: CVE for Wordpress plugin Portable-phpmyadmin
oss-security - Re: CVE for Wordpress plugin Portable-phpmyadmin
oss-security - Re: CVE for nodejs node-uuid
oss-security - Re: CVE for ruby on rails XSS fixes
oss-security - Re: CVE id request: dhcpcd
oss-security - Re: CVE id request: masqmail
oss-security - Re: CVE id request: php-xajax
oss-security - Re: CVE id request: php-xajax
oss-security - Re: CVE id request: php-xajax
oss-security - Re: CVE id request: php-xajax
oss-security - Re: CVE id request: syscp
oss-security - Re: CVE id request: xlockmore vulnerability: local access
oss-security - Re: CVE ids for CyaSSL 2.9.4?
oss-security - Re: CVE issues with recent python flaws
oss-security - Re: CVE issues with recent python flaws
oss-security - Re: CVE needed? / gnuchess 6.2.4 fixed user input buffer overflow
oss-security - Re: CVE oops in GLSA 201308-05 (wireshark)
oss-security - Re: CVE or not: 2x grml-debootstrap
oss-security - Re: CVE request (and disclosure): ax25d missing setuid return code check
oss-security - Re: CVE request (maybe): magento before 1.7.0.2
oss-security - Re: CVE request - DCMTK remote stack buffer overflow
oss-security - Re: CVE request - Evergreen
oss-security - Re: CVE request - ICU
oss-security - Re: CVE request - Icinga 1.13.3 and older are vulnerable to XSS
oss-security - Re: CVE request - NodeBB Persistent XSS through Markdown
oss-security - Re: CVE request - OkHttp Certificate Pining Bypass
oss-security - Re: CVE request - OpenJPEG : Heap Corruption in opj_free function
oss-security - Re: CVE request - OpenJPEG : Out-Of-Bounds Read in opj_tcd_free_tile function
oss-security - Re: CVE request - OpenJPEG : Out-Of-Bounds Read in sycc422_to_rgb function
oss-security - Re: CVE request - Pulp < 2.3.0 shipped the same authentication CA key/cert to all users
oss-security - Re: CVE request - Pulp < 2.3.0 shipped the same authentication CA key/cert to all users
oss-security - Re: CVE request - Snoopy incomplete fix for CVE-2008-4796
oss-security - Re: CVE request - TelescopeJS Information Leakage: User BCrypt password hash post-authentication
oss-security - Re: CVE request - a out of bound read bug is found in libdwarf
oss-security - Re: CVE request - dhcp clients
oss-security - Re: CVE request - dhcp clients
oss-security - Re: CVE request - dhcp clients
oss-security - Re: CVE request - integer overflow and crash parsing regex in mujs
oss-security - Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection.
oss-security - Re: CVE request - ldapauth-fork versions < 2.3.3 are vulnerable to ldap injection.
oss-security - Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read
oss-security - Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read
oss-security - Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read
oss-security - Re: CVE request - node-connect: methodOverride middleware reflected cross-site scripting
oss-security - Re: CVE request - perl library UI::Dialog 1.09 - shell escaping vulnerability
oss-security - Re: CVE request - python-docx 0.8.5 - XXE
oss-security - Re: CVE request - samsumg android phone TvoutService_C binder service DoS
oss-security - Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS
oss-security - Re: CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value
oss-security - Re: CVE request - simple-php-captcha - captcha bypass vulnerability
oss-security - Re: CVE request - simple-php-captcha - captcha bypass vulnerability
oss-security - Re: CVE request - slock, all versions NULL pointer dereference
oss-security - Re: CVE request - sudoers on Red Hat, Fedora, Mageia information disclosure
oss-security - Re: CVE request -- NULL dereference in libdwarf
oss-security - Re: CVE request -- linux kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit
oss-security - Re: CVE request -- vCalendar plugin for Claws Mail: credentials exposed on interface
oss-security - Re: CVE request -- vCalendar plugin for Claws Mail: credentials exposed on interface
oss-security - Re: CVE request -- vCalendar plugin for Claws Mail: credentials exposed on interface
oss-security - Re: CVE request -- vdsm: certificate generation upon node creation
oss-security - Re: CVE request -libdwarf 20160613 heap-buffer-overflow
oss-security - Re: CVE request / Advisory: Floating Social Bar (Wordpress plugin) 1.0.1 - 1.1.6
oss-security - Re: CVE request / Advisory: Floating Social Bar (Wordpress plugin) 1.0.1 - 1.1.6
oss-security - Re: CVE request / Advisory: Floating Social Bar (Wordpress plugin) 1.0.1 - 1.1.6
oss-security - Re: CVE request / Advisory: Slideshow (Wordpress plugin) - Wordpress option value disclosure
oss-security - Re: CVE request : Exponent CMS 2.3.9 SQL injection vulnerabilities
oss-security - Re: CVE request : Exponent CMS 2.3.9 SQL injection vulnerability
oss-security - Re: CVE request CSRF in sogo
oss-security - Re: CVE request Qemu net: rocker: fix an incorrect array bounds check
oss-security - Re: CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d
oss-security - Re: CVE request Qemu: 9pfs: memory leakage via proxy/handle callbacks
oss-security - Re: CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines
oss-security - Re: CVE request Qemu: OOB access in address_space_rw leads to segmentation fault
oss-security - Re: CVE request Qemu: acpi: heap based buffer overrun during VM migration
oss-security - Re: CVE request Qemu: an infinite loop during packet fragmentation
oss-security - Re: CVE request Qemu: audio: memory leakage in ac97 device
oss-security - Re: CVE request Qemu: audio: memory leakage in es1370 device
oss-security - Re: CVE request Qemu: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
oss-security - Re: CVE request Qemu: char: use after free issue in char backend
oss-security - Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
oss-security - Re: CVE request Qemu: display: virtio-gpu-3d: OOB access while reading virgl capabilities
oss-security - Re: CVE request Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
oss-security - Re: CVE request Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset
oss-security - Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing
oss-security - Re: CVE request Qemu: display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing
oss-security - Re: CVE request Qemu: display: virtio-gpu: memory leakage when destroying gpu resource
oss-security - Re: CVE request Qemu: display: virtio-gpu: memory leakage while updating cursor
oss-security - Re: CVE request Qemu: display: virtio-gpu: out of bounds read in virtio_gpu_set_scanout
oss-security - Re: CVE request Qemu: hmp: stack based OOB write in hmp_sendkey routine
oss-security - Re: CVE request Qemu: i386: null pointer dereference in vapic_write
oss-security - Re: CVE request Qemu: ide: ahci null pointer dereference when using FIS CLB engines
oss-security - Re: CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
oss-security - Re: CVE request Qemu: net: eepro100: infinite loop in processing command block list
oss-security - Re: CVE request Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
oss-security - Re: CVE request Qemu: net: ne2000: OOB r/w in ioport operations
oss-security - Re: CVE request Qemu: net: vmxnet3: host memory leakage
oss-security - Re: CVE request Qemu: net: vmxnet3: incorrect l2 header validation leads to a crash
oss-security - Re: CVE request Qemu: net: vmxnet3: reading IMR registers leads to a crash
oss-security - Re: CVE request Qemu: scsi: esp: oob write access while reading ESP command
oss-security - Re: CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
oss-security - Re: CVE request Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object
oss-security - Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
oss-security - Re: CVE request Qemu: serial: host memory leakage in 16550A UART emulation
oss-security - Re: CVE request Qemu: usb: ehci null pointer dereference in ehci_caps_write
oss-security - Re: CVE request Qemu: usb: hcd-ehci: memory leak in ehci_process_itd
oss-security - Re: CVE request Qemu: usb: integer overflow in emulated_apdu_from_guest
oss-security - Re: CVE request Qemu: usb: redirector: memory leakage when destroying
oss-security - Re: CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
oss-security - Re: CVE request Qemu: virtio: integer overflow in handling virtio-crypto requests
oss-security - Re: CVE request Qemu: virtio: null pointer dereference in virtqueu_map_desc
oss-security - Re: CVE request Qemu: watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb
oss-security - Re: CVE request Virglrenderer: OOB access while parsing texture instruction
oss-security - Re: CVE request Virglrenderer: host memory leakage when creating decode context
oss-security - Re: CVE request Weblate: information disclosure in password reset form
oss-security - Re: CVE request for Dropbear SSH <2016.74
oss-security - Re: CVE request for Drupal contributed module
oss-security - Re: CVE request for Drupal contributed module
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for Drupal contributed modules
oss-security - Re: CVE request for GitLab groups API
oss-security - Re: CVE request for LightDM - XDMCP denial of service
oss-security - Re: CVE request for OpenStack Compute (nova)
oss-security - Re: CVE request for OpenStack Compute (nova)
oss-security - Re: CVE request for OpenStack Compute (nova)
oss-security - Re: CVE request for OpenTTD - use CVE-2012-0049!
oss-security - Re: CVE request for PHP bug #68978: "XSS in header() with Internet Explorer" (2015)
oss-security - Re: CVE request for Plone
oss-security - Re: CVE request for Thunar (format string errors)
oss-security - Re: CVE request for Ushahidi security vulnerability 2012-008
oss-security - Re: CVE request for accountsservice local encrypted password disclosure flaw
oss-security - Re: CVE request for attic : encrypted backups attack
oss-security - Re: CVE request for bitlebee
oss-security - Re: CVE request for buffer overrun in CHICKEN Scheme's string-translate* procedure
oss-security - Re: CVE request for buffer overrun in CHICKEN process-execute and process-spawn posix procedures
oss-security - Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)
oss-security - Re: CVE request for emacs possibly
oss-security - Re: CVE request for keepassx password database export
oss-security - Re: CVE request for oCERT advisory 2009-013 (yTNEF/Evolution TNEF)
oss-security - Re: CVE request for oCERT advisory 2009-013 (yTNEF/Evolution TNEF)
oss-security - Re: CVE request for oCERT advisory 2009-013 (yTNEF/Evolution TNEF)
oss-security - Re: CVE request for path traversal / info leak bug in Spiffy web server
oss-security - Re: CVE request for path traversal / info leak bug in Spiffy web server
oss-security - Re: CVE request for proxychains-ng : current path as the first directory for the library search path
oss-security - Re: CVE request for select() buffer overrun in CHICKEN Scheme on the Android platform
oss-security - Re: CVE request for sqlalchemy-utils
oss-security - Re: CVE request for tor
oss-security - Re: CVE request for two input validation flaws in gtk-vnc
oss-security - Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6
oss-security - Re: CVE request for vulnerability in OpenStack Glance
oss-security - Re: CVE request libaxl <= 0.6.9
oss-security - Re: CVE request tigervnc: vnc server can crash when TLS handshake terminates early
oss-security - Re: CVE request virglrenderer: host memory leak issue in virgl_resource_attach_backing
oss-security - Re: CVE request virglrenderer: null pointer dereference in vrend_clear
oss-security - Re: CVE request: XXE in perl Image::Info and XML::Twig
oss-security - Re: CVE request: mpfr: buffer overflow in mpfr_strtofr
oss-security - Re: CVE request: -- Linux kernel: ALSA: use-after-free in,kill_fasync
oss-security - Re: CVE request: /tmp file vulnerability in ace
oss-security - Re: CVE request: /tmp file vulnerability in ace
oss-security - Re: CVE request: /tmp usage race condition in onionshare
oss-security - Re: CVE request: 2 issues in inspircd
oss-security - Re: CVE request: Apache-AuthenHook perl module
oss-security - Re: CVE request: BD-J implementation in libbluray
oss-security - Re: CVE request: CAPTCHA bypass in MantisBT
oss-security - Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun)
oss-security - Re: CVE request: CHICKEN Scheme incomplete fix for CVE-2012-6122 (select() fs_set buffer overrun)
oss-security - Re: CVE request: CKEditor module for Drupal access bypass SA-CONTRIB-2011-054
oss-security - Re: CVE request: CSRF and file inclusion in usebb before 1.0.12
oss-security - Re: CVE request: ClamAV vulnerabilities
oss-security - Re: CVE request: Curl insecure usage
oss-security - Re: CVE request: Curl insecure usage
oss-security - Re: CVE request: Curl insecure usage
oss-security - Re: CVE request: Curl insecure usage
oss-security - Re: CVE request: Curl insecure usage
oss-security - Re: CVE request: DoS in ONOS when handling jumbo ethernet frames
oss-security - Re: CVE request: DoS in OpenSLP
oss-security - Re: CVE request: DoS in multiple versions of GraphicsMagick
oss-security - Re: CVE request: Dovecot DoS in 2.x (fixed in 2.1.11)
oss-security - Re: CVE request: Dovecot DoS in 2.x (fixed in 2.1.11)
oss-security - Re: CVE request: Dovecot DoS in 2.x (fixed in 2.1.11)
oss-security - Re: CVE request: Dovecot DoS in 2.x (fixed in 2.1.11)
oss-security - Re: CVE request: Dovecot DoS in 2.x (fixed in 2.1.11)
oss-security - Re: CVE request: Dovecot remote DoS on TLS connections
oss-security - Re: CVE request: Drupal Data-module multiple vulnerabilities
oss-security - Re: CVE request: Escape Sequence Command Execution vulnerability in Terminology 0.7
oss-security - Re: CVE request: FD leakage for cgi program on Monkey HTTPD
oss-security - Re: CVE request: FD leakage for cgi program on Monkey HTTPD
oss-security - Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure
oss-security - Re: CVE request: FreeBSD/OS X crontab information leakage
oss-security - Re: CVE request: Froxlor - information leak
oss-security - Re: CVE request: GIF loader buffer overflow when initializing decompression tables
oss-security - Re: CVE request: GLPI, multiple issues
oss-security - Re: CVE request: GNU Guile <= 2.0.12: REPL server vulnerable to HTTP inter-protocol attacks
oss-security - Re: CVE request: GNU Guile <= 2.0.12: Thread-unsafe umask modification
oss-security - Re: CVE request: GNU screen escalation
oss-security - Re: CVE request: Ganglia-web auth bypass
oss-security - Re: CVE request: Havalite CMS 1.1.7 stored XSS vulnerability in comments of blog posts
oss-security - Re: CVE request: Heap read out-of-bounds parsing a Javascript file with the last revision of JavaScript Core
oss-security - Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format
oss-security - Re: CVE request: IPython CSRF validation
oss-security - Re: CVE request: IPython CSRF validation
oss-security - Re: CVE request: IPython XSS in JSON error responses
oss-security - Re: CVE request: IPython XSS in JSON error responses
oss-security - Re: CVE request: Information leak in LibTIFF
oss-security - Re: CVE request: Inkscape fixes a XXE vulnerability during rasterization of SVG images
oss-security - Re: CVE request: Inkscape fixes a XXE vulnerability during rasterization of SVG images
oss-security - Re: CVE request: Invalid pointer dereference in the GNOME librest library
oss-security - Re: CVE request: Jenkins
oss-security - Re: CVE request: Jenkins remote code execution vulnerability
oss-security - Re: CVE request: Joomla Google Maps Plugin
oss-security - Re: CVE request: Joomla component com_sexycontactform and WordPress plugin sexy-contact-form unrestricted file upload
oss-security - Re: CVE request: Kernel: kvm: out of bounds memory access via vcpu_id
oss-security - Re: CVE request: Kernel: kvm: stack memory information leakage
oss-security - Re: CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips
oss-security - Re: CVE request: Linux kernel mbcache lock contention denial of service.
oss-security - Re: CVE request: MantisBT before 1.2.13 "Change Status To" feature allows unauthorised workflow changes
oss-security - Re: CVE request: MantisBT before 1.2.13 "Change Status To" feature allows unauthorised workflow changes
oss-security - Re: CVE request: MaraDNS DoS due to incorrect bounds checking on certain strings
oss-security - Re: CVE request: MatrixSSL lack of RSA-CRT hardening
oss-security - Re: CVE request: MatrixSSL lack of RSA-CRT hardening
oss-security - Re: CVE request: MediaWiki Security Release: 1.21.2, 1.20.7 and 1.19.8
oss-security - Re: CVE request: Mediawiki
oss-security - Re: CVE request: Module::Signature before 0.75 - multiple vulnerabilities
oss-security - Re: CVE request: Mplayer/Mencoder integer overflow parsing gif files
oss-security - Re: CVE request: Mplayer/Mencoder read out-of-bounds parsing a mp3 file
oss-security - Re: CVE request: Multiple incorrect default permissions in Zarafa
oss-security - Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump
oss-security - Re: CVE request: MyBB multiple vulnerabilities
oss-security - Re: CVE request: Nagios: Incomplete fix for CVE-2016-8641
oss-security - Re: CVE request: OpenCart filemanager.php parameter traversal arbitrary file access
oss-security - Re: CVE request: OpenNTPD not verifying CN during HTTPS constraints request
oss-security - Re: CVE request: Out-of-Bound read and write issues in put1bitbwtile()(tiff-4.0.7/libtiff/tif-getimage.c:1352) and putgreytile()(tiff-4.0.7/libtiff/tif-getimage.c:1288)
oss-security - Re: CVE request: PHP object insertion in Contao CMS <= 3.2.5
oss-security - Re: CVE request: Piwigo before 2.6.2 ws.php Arbitrary User Creation CSRF
oss-security - Re: CVE request: Plone multiple vulnerabilities
oss-security - Re: CVE request: PostfixAdmin SQL injections and XSS
oss-security - Re: CVE request: PostfixAdmin SQL injections and XSS
oss-security - Re: CVE request: PostfixAdmin allows to delete protected aliases
oss-security - Re: CVE request: PostfixAdmin allows to delete protected aliases
oss-security - Re: CVE request: Proxmox VE < 3.2 user enumeration vulnerability
oss-security - Re: CVE request: PyForum backdoor BMSA-2009-07
oss-security - Re: CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client
oss-security - Re: CVE request: Qemu net: vmxnet3: use after free while writing
oss-security - Re: CVE request: Qemu: 9p: directory traversal flaw in 9p virtio backend
oss-security - Re: CVE request: Qemu: 9pfs: host memory leakage in v9fs_read
oss-security - Re: CVE request: Qemu: buffer overflow in virtio-serial
oss-security - Re: CVE request: Qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info
oss-security - Re: CVE request: Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings
oss-security - Re: CVE request: Qemu: scsi: pvscsi: infintie loop when building SG list
oss-security - Re: CVE request: Qemu: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
oss-security - Re: CVE request: Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
oss-security - Re: CVE request: Qemu: ui: vnc: avoid floating point exception
oss-security - Re: CVE request: Qemu: usb: ehci: memory leakage in ehci_init_transfer
oss-security - Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2
oss-security - Re: CVE request: Reflected XSS / Content Spoofing in FlexPaper
oss-security - Re: CVE request: SQL injection in MovableType xml-rpc interface
oss-security - Re: CVE request: SQL injection in MovableType xml-rpc interface
oss-security - Re: CVE request: SQL injection vulnerability in WordPress plugins Community Events 1.3.5, Tune Library 1.5.4, WP Symposium 15.1
oss-security - Re: CVE request: SQL injection vulnerability in WordPress plugins Community Events 1.3.5, Tune Library 1.5.4, WP Symposium 15.1
oss-security - Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities
oss-security - Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities
oss-security - Re: CVE request: Struts2 xsltResult local code execution flaw
oss-security - Re: CVE request: TYPO3-EXT-SA-2014-014 and TYPO3-EXT-SA-2014-015
oss-security - Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003
oss-security - Re: CVE request: Trac Ticket Modification Workflow Permission Restriction Bypass
oss-security - Re: CVE request: Two ruby 'dl' vulnerabilities fixed in ruby-1.9.1-p129
oss-security - Re: CVE request: Two vulnerabilities in Tor
oss-security - Re: CVE request: WebKit-GTK + Puseaudio: unexpectedly high sound volume
oss-security - Re: CVE request: Wesnoth authentication information disclosure
oss-security - Re: CVE request: WordPress plugin uk-cookie CSRF
oss-security - Re: CVE request: WordPress plugin user-photo file upload arbitrary PHP code execution
oss-security - Re: CVE request: WordPress plugin wp-cleanfix CSRF
oss-security - Re: CVE request: WordPress plugin wp-gpx-maps wp-gpx-maps_admin_tracks.php Improper Admin Verification File Upload PHP Code Execution
oss-security - Re: CVE request: WordPress plugin wppageflip index.php pageflipbook_language parameter traversal local file inclusion
oss-security - Re: CVE request: X server crash by client
oss-security - Re: CVE request: XSS in MantisBT
oss-security - Re: CVE request: XSS in coppermine gallery before 1.5.28
oss-security - Re: CVE request: XSS in phorum before 5.2.18
oss-security - Re: CVE request: XSS in status.net before 0.9.9 and 1.0.0beta2
oss-security - Re: CVE request: XSS in viewvc
oss-security - Re: CVE request: XSS to RCE in PHP-Fusion 9
oss-security - Re: CVE request: XSS vulnerability in jsoup related to incomplete tags at EOF
oss-security - Re: CVE request: XSS vulns in Dotclear v2.9.1
oss-security - Re: CVE request: Xymon
oss-security - Re: CVE request: ZNC NULL pointer dereference
oss-security - Re: CVE request: Zend Framework ZF2014-05 and ZF2014-06
oss-security - Re: CVE request: Zenphoto admin-news-articles.php date parameter XSS
oss-security - Re: CVE request: Zenphoto before 1.4.9 multiple vulnerabilities
oss-security - Re: CVE request: ansible zone/chroot/jail escape
oss-security - Re: CVE request: apparmor: oops in apparmor_setprocattr()
oss-security - Re: CVE request: buffer overflow in unixODBC's SQLDriverConnect()
oss-security - Re: CVE request: cgiemail multiple vulnerabilities
oss-security - Re: CVE request: cloud-init DNS resolution fix
oss-security - Re: CVE request: cmsmadesimple before 1.9.4.3 - remote database corruption
oss-security - Re: CVE request: cobbler lack of csrf protection, code execution
oss-security - Re: CVE request: contao before 2.11.4 sql injection
oss-security - Re: CVE request: coppermine gallery < 1.4.26
oss-security - Re: CVE request: cronic - predictable temporary files
oss-security - Re: CVE request: directory traversal flaw in patch
oss-security - Re: CVE request: drupal before 7.5 access bypass
oss-security - Re: CVE request: drupal before 7.5 access bypass
oss-security - Re: CVE request: drupal7 SA-CORE-2011-003 (access restriction bypass)
oss-security - Re: CVE request: echoping buffer overflow vulnerabilities
oss-security - Re: CVE request: echoping buffer overflow vulnerabilities
oss-security - Re: CVE request: echoping buffer overflow vulnerabilities
oss-security - Re: CVE request: enlightenment sysactions
oss-security - Re: CVE request: ettercap GTK
oss-security - Re: CVE request: ettercap GTK
oss-security - Re: CVE request: ettercap GTK
oss-security - Re: CVE request: f2py insecure temporary file use
oss-security - Re: CVE request: flex: Buffer overflow in generated code (yy_get_next_buffer)
oss-security - Re: CVE request: fluxbb before 1.4.7
oss-security - Re: CVE request: glibc scanf implementation crashes on certain inputs
oss-security - Re: CVE request: gri < 2.12.18 insecure temp file generation
oss-security - Re: CVE request: hs-tls: Basic constraints vulnerability
oss-security - Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName
oss-security - Re: CVE request: ikiwiki: authorization bypass when reverting changes
oss-security - Re: CVE request: improper permissions on ~/.qtnx/*.nxml
oss-security - Re: CVE request: includeViewParameters re-evaluates param/model values as EL expressions on Mojarra/MyFaces
oss-security - Re: CVE request: incorrect URL parsing in async-http-client <= 2.0.35
oss-security - Re: CVE request: init script x11-common creates directories in insecure manners
oss-security - Re: CVE request: init script x11-common creates directories in insecure manners
oss-security - Re: CVE request: invalid memory accesses parsing object files in libgit2
oss-security - Re: CVE request: irssi 0.8.15
oss-security - Re: CVE request: irssi 0.8.15
oss-security - Re: CVE request: irssi 0.8.15
oss-security - Re: CVE request: joomla <= 1.5.15 code upload, information leak, session fixation, unauthorized access (was Fwd: Joomla!
oss-security - Re: CVE request: kernel - local DoS due to a page lock order bug in the XFS seek hole/data implementation
oss-security - Re: CVE request: kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
oss-security - Re: CVE request: kernel: btrfs heap overflow
oss-security - Re: CVE request: kernel: connector security bypass
oss-security - Re: CVE request: kernel: numerous infoleaks
oss-security - Re: CVE request: kernel: numerous infoleaks
oss-security - Re: CVE request: kernel: oom: use pte pages in OOM score
oss-security - Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API
oss-security - Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API
oss-security - Re: CVE request: kernel: timekeeping: Prevent oops when GENERIC_TIME=n
oss-security - Re: CVE request: letodms multiple issues
oss-security - Re: CVE request: libcrypto++ - Timing Attack Counter Measure
oss-security - Re: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp
oss-security - Re: CVE request: libxml2 heap contents leak
oss-security - Re: CVE request: lldpd crash in lldp_decode due large management address
oss-security - Re: CVE request: mailscanner, multiple vulnerabilities
oss-security - Re: CVE request: makepasswd, Default settings generate insecure passwords
oss-security - Re: CVE request: mktexlsr/texlive: insecure use of /tmp
oss-security - Re: CVE request: mod_ruid2 before 0.9.8
oss-security - Re: CVE request: mongodb: world-readable .dbshell history file
oss-security - Re: CVE request: monitorix: HTTP server 'handle_request()' session fixation & XSS vulnerabilities
oss-security - Re: CVE request: monitorix: HTTP server 'handle_request()' session fixation & XSS vulnerabilities (clearing up confusion)
oss-security - Re: CVE request: monkeyd world-readable logdir
oss-security - Re: CVE request: multiple issues fixed in GNU libidn 1.33
oss-security - Re: CVE request: multiple issues in Koha
oss-security - Re: CVE request: multiple status.net issues
oss-security - Re: CVE request: multiples vulnerabilities in Revive Adserver
oss-security - Re: CVE request: multiples vulnerabilities in libplist
oss-security - Re: CVE request: mwlib < 0.13.5 DoS flaw
oss-security - Re: CVE request: mysecureshell: information disclosure (or worse)
oss-security - Re: CVE request: mysecureshell: local denial of service (or worse)
oss-security - Re: CVE request: nova
oss-security - Re: CVE request: ntp-keygen may generate non-random symmetric keys on big-endian systems
oss-security - Re: CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045)
oss-security - Re: CVE request: oping allows the disclosure of arbitrary file contents
oss-security - Re: CVE request: oping allows the disclosure of arbitrary file contents
oss-security - Re: CVE request: oping allows the disclosure of arbitrary file contents
oss-security - Re: CVE request: out-of-bounds read parsing an XML in libxml2 using recover mode
oss-security - Re: CVE request: pacemaker DoS when pacemaker remote is in use
oss-security - Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
oss-security - Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
oss-security - Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
oss-security - Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
oss-security - Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi
oss-security - Re: CVE request: pam_shield
oss-security - Re: CVE request: phpbb before 3.0.8
oss-security - Re: CVE request: piwigo XSS in password.php
oss-security - Re: CVE request: piwigo XSS in password.php
oss-security - Re: CVE request: piwik before 1.10
oss-security - Re: CVE request: pixelpost
oss-security - Re: CVE request: pmwiki before 2.2.21
oss-security - Re: CVE request: pngcrush 1.7.83 crash bug (most likely exploitable)
oss-security - Re: CVE request: privilege escalation in sectool
oss-security - Re: CVE request: python-pyrad insecurities
oss-security - Re: CVE request: python-pyrad insecurities
oss-security - Re: CVE request: python-pyrad insecurities
oss-security - Re: CVE request: python-pyrad insecurities
oss-security - Re: CVE request: python-pyrad insecurities
oss-security - Re: CVE request: python-pysaml2 XML external entity attack
oss-security - Re: CVE request: python-pysaml2 XML external entity attack
oss-security - Re: CVE request: python-tornado: XSRF cookie allows side-channel attack against TLS (BREACH)
oss-security - Re: CVE request: python: _json module is vulnerable to arbitrary process memory read
oss-security - Re: CVE request: qt5-qtwebkit records visited URLS in private browsing
oss-security - Re: CVE request: rawstudio: Insecure use of temporary file
oss-security - Re: CVE request: remote code execution via deserialization in XStream
oss-security - Re: CVE request: remote code execution via deserialization in XStream
oss-security - Re: CVE request: sNews 1.7.1 XSS in reorder
oss-security - Re: CVE request: scheme48: insecure use of temporary files in cmuscheme48.el
oss-security - Re: CVE request: serendipity before 1.6 backend XSS in karma plugin
oss-security - Re: CVE request: serendipity freetag plugin before 3.30 and probably others
oss-security - Re: CVE request: several SOGo issues (DOS, XSS, information leakage)
oss-security - Re: CVE request: simplemachinesforum
oss-security - Re: CVE request: simplesamlphp / Typo3
oss-security - Re: CVE request: simplesamlphp / Typo3
oss-security - Re: CVE request: simplesamlphp / Typo3
oss-security - Re: CVE request: sudo TZ issue
oss-security - Re: CVE request: surf
oss-security - Re: CVE request: surf
oss-security - Re: CVE request: surf
oss-security - Re: CVE request: thttpd: Denial of Service (App. crash, local)
oss-security - Re: CVE request: tikiwiki <= 5.2 XSS, CSRF, file inclusion
oss-security - Re: CVE request: tomcat privilege escalations in Debian packaging
oss-security - Re: CVE request: tucan insecure plugin update mechanism
oss-security - Re: CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8
oss-security - Re: CVE request: two vulnerabilities in ktsuss 1.4 and earlier
oss-security - Re: CVE request: unsafe use of /tmp in multiple CPAN modules
oss-security - Re: CVE request: v86d: Failure to validate netlink message sender
oss-security - Re: CVE request: vanilla forums before 2.0.10, xss
oss-security - Re: CVE request: vanilla forums before 2.0.10, xss
oss-security - Re: CVE request: vanilla forums before 2.0.10, xss
oss-security - Re: CVE request: vanilla forums cookie theft, plugin access control
oss-security - Re: CVE request: various NodeJS module vulnerabilities
oss-security - Re: CVE request: virtualbox-ose guest can trigger denial of service at host, mem consumption
oss-security - Re: CVE request: vulnerabilities in libcsoap
oss-security - Re: CVE request: w3m - multiple vulnerabilities
oss-security - Re: CVE request: webcalendar before 1.2.5 XSS
oss-security - Re: CVE request: webcalendar before 1.2.5 XSS
oss-security - Re: CVE request: webcalendar before 1.2.7
oss-security - Re: CVE request: websitebaker 2.8.1 and earlier: authentication error in backup module
oss-security - Re: CVE request: xcfa: Insecure use of temporary files, subject to race conditions
oss-security - Re: CVE request: xpdf
oss-security - Re: CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability
oss-security - Re: CVE request:Heap overflow vulns in MuPDF
oss-security - Re: CVE request:Lynx invalid URL parsing with '?'
oss-security - Re: CVE requested: two stack exhaustation parsing xml files using mxml
oss-security - Re: CVE requested: two stack exhaustation parsing xml files using mxml
oss-security - Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS
oss-security - Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS
oss-security - Re: CVE requests / Advisory: phpMyBackupPro
oss-security - Re: CVE requests / Advisory: phpMyBackupPro
oss-security - Re: CVE requests for 2 separate vulns in torrentflux 2.4.5-1 (debian stable)
oss-security - Re: CVE requests for Ajaxplorer
oss-security - Re: CVE requests for Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001
oss-security - Re: CVE requests for Drupal Core - SA-CORE-2016-002
oss-security - Re: CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12
oss-security - Re: CVE requests for Review Board
oss-security - Re: CVE requests for Review Board
oss-security - Re: CVE requests for various ImageMagick issues
oss-security - Re: CVE requests: Drupal contributed modules
oss-security - Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files
oss-security - Re: CVE requests: OpenBSD httpd - 2 DoS
oss-security - Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel
oss-security - Re: CVE requests: POE::Component::IRC, Alien Arena, Babiloo, Typo3, abcm2ps, ModSecurity, Linux kernel
oss-security - Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp
oss-security - Re: CVE requests: Tahoe-LAFS and atop
oss-security - Re: CVE requests: Typo3
oss-security - Re: CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem festivaltts4r
oss-security - Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap
oss-security - Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap
oss-security - Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcap
oss-security - Re: CVE requests: freebsd kernel/tesseract/xinha/proftpd
oss-security - Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3
oss-security - Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc
oss-security - Re: CVE requests: some issues in gif2webp
oss-security - Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
oss-security - Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
oss-security - Re: CVE-2011-4924 assignment notification -- Zope2, Zope3: Incomplete upstream fix for CVE-2010-1104 issue
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
oss-security - Re: CVE-2013-2097: zPanel themes remote command execution as root
oss-security - Re: CVE-2013-2097: zPanel themes remote command execution as root
oss-security - Re: CVE-2013-4578 OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars
oss-security - Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol
oss-security - Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol
oss-security - Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol
oss-security - Re: CVE-2014-0021: chrony traffic amplification in cmdmon protocol
oss-security - Re: CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - Re: CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - Re: CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - Re: CVE-2014-8166 cups: code execution via unescape ANSI escape sequences
oss-security - Re: CVE-2014-8166 cups: code execution via unescape ANSI escape sequences
oss-security - Re: CVE-2015-0854: Insecure use of system() in shutter
oss-security - Re: CVE-2015-1328: incorrect permission checks in overlayfs, ubuntu local root
oss-security - Re: CVE-2015-1328: incorrect permission checks in overlayfs, ubuntu local root
oss-security - Re: CVE-2015-1416: vulnerability in patch(1)
oss-security - Re: CVE-2015-1416: vulnerability in patch(1)
oss-security - Re: CVE-2015-1416: vulnerability in patch(1)
oss-security - Re: CVE-2015-1416: vulnerability in patch(1)
oss-security - Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert
oss-security - Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert
oss-security - Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: CVE-2015-3243 rsyslog: some log files are created world-readable
oss-security - Re: CVE-2015-5155 - openslp 1.2.1 ParseExtension() DoS vulnerability
oss-security - Re: CVE-2015-5239 Qemu: vnc infinite loop issue
oss-security - Re: CVE-2015-5239 Qemu: vnc infinite loop issue
oss-security - Re: CVE-2015-5239 Qemu: vnc infinite loop issue
oss-security - Re: CVE-2015-7266
oss-security - Re: CVE-2015-7266
oss-security - Re: CVE-2015-7266
oss-security - Re: CVE-2015-7266
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - Re: CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - Re: CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable
oss-security - Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
oss-security - Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
oss-security - Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
oss-security - Re: CVE-2016-5011: util-linux: Extended partition loop in MBR partition table leads to DoS
oss-security - Re: CVE-2016-5317: GNOME nautilus: crash occurs when generating a thumbnail for a crafted TIFF image
oss-security - Re: CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution
oss-security - Re: CVE-2016-5321: libtiff 4.0.6 DumpModeDecode(): Ddos
oss-security - Re: CVE-2016-5323: libtiff 4.0.6 tiffcrop _TIFFFax3fillruns(): divide by zero
oss-security - Re: CVE-2016-5323: libtiff 4.0.6 tiffcrop _TIFFFax3fillruns(): divide by zero
oss-security - Re: CVE-2016-5389: linux kernel - challange ack information leak.
oss-security - Re: CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - Re: CVE-2016-5404 freeipa: Insufficient privileges check in certificate revocation
oss-security - Re: CVE-2016-6327 | Linux kernel crash in infiniband subsystem.
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )
oss-security - Re: CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing
oss-security - Re: CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
oss-security - Re: CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
oss-security - Re: CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
oss-security - Re: CVE-2016-7543 -- bash SHELLOPTS+PS4
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape - Firejail is CVE-2016-9016
oss-security - Re: CVE-2016-7545 -- SELinux sandbox escape - Firejail is CVE-2016-9016
oss-security - Re: CVE-2016-9297 LibTIFF regression
oss-security - Re: CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem
oss-security - Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables
oss-security - Re: CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables
oss-security - Re: CVE-2017-1000083: evince: Command injection vulnerability in CBT handler
oss-security - Re: CVE-2017-1000083: evince: Command injection vulnerability in CBT handler
oss-security - Re: CVE-2017-1000083: evince: Command injection vulnerability in CBT handler
oss-security - Re: CVE-2017-12847: nagios-core privilege escalation via PID file manipulation
oss-security - Re: CVE-2017-14160: libvorbis-1.3.5 bark_noise_hybridmp() integer signedness bug
oss-security - Re: CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo
oss-security - Re: CVE-2017-2885 libsoup - stack based buffer overflow with HTTP Chunked Encoding
oss-security - Re: CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure)
oss-security - Re: CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure)
oss-security - Re: CVE-2017-8291 ghostscript remote code execution
oss-security - Re: CVE-2017-8291 ghostscript remote code execution
oss-security - Re: CVE-2017-9772: OCaml release 4.04.2
oss-security - Re: CVE-2017-9772: OCaml release 4.04.2
oss-security - Re: CVE-Request - pen issues
oss-security - Re: CVE-Request -- Zeuscart v. 4 -- Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities
oss-security - Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities
oss-security - Re: CVE-Request Buffer overflow ImageMagick
oss-security - Re: CVE-Request: TYPO3 Extbase Missing Access Check
oss-security - Re: CVE-request WordPress pretty-link plugin 1.5.2 XSS
oss-security - Re: CVE-request for three 2009 Joomla issues
oss-security - Re: CVE-request: Ariadne 2.7.6 XSS
oss-security - Re: CVE-request: FreeBSD/NetBSD/OpenBSD(?) ftpd remote crash (2010)
oss-security - Re: CVE-request: ImpressPages CMS Unspecified Remote Code Execution
oss-security - Re: CVE-request: Joomla 20111001 Core - Information Disclosure
oss-security - Re: CVE-request: Joomla com_mailto automated mail timeout bypass (2009)
oss-security - Re: CVE-request: Joomla core information disclosure 1.7.1
oss-security - Re: CVE-request: Joomla core information disclosure 1.7.1
oss-security - Re: CVE-request: Joomla core information disclosure 1.7.1
oss-security - Re: CVE-request: LabWiki <= 1.1 Multiple Vulnerabilities
oss-security - Re: CVE-request: SMF index.php msg parameter SQL-injection (2005)
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability
oss-security - Re: CVE-request: WordPress-plugin bSuite <=4.0.7 permanent XSS
oss-security - Re: CVE-request: XSS in Tiki Wiki CMS Groupware (HTB23027)
oss-security - Re: CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
oss-security - Re: CVE-request: phxEventManager search.php search_terms Parameter SQL Injection
oss-security - Re: CVE-request: pithos symlink vulnerability CWE-61
oss-security - Re: CVE-request: plow buffer overflow vulnerability
oss-security - Re: CVE-request: systemd local denial of login or local users can create arbitrary services
oss-security - Re: CVE-request: ~/.t_coffee/ is world-writable
oss-security - Re: CVE:Request - Path Traversal Barebone.jsp - Liferay 5.1.0
oss-security - Re: CVEs for public Kibana / logstash issues
oss-security - Re: Chef: knife bootstrap leaks validator privkey into system logs
oss-security - Re: Clear text password in process list when using MySQL GUI tools
oss-security - Re: Cross-Site Request Forgery in Spina CMS
oss-security - Re: Debian Bug#746579: libwww-perl: HTTPS_CA_DIR or HTTPS_CA_FILE disables peer certificate verification for IO::Socket::SSL
oss-security - Re: Did this ArchLinux/shaman thing ever get a CVE?
oss-security - Re: DoS in libtiff
oss-security - Re: DoS in libtiff
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Double free corruption in JasPer JPEG-2000 implementation (CVE-2015-5203)
oss-security - Re: Duplicate CVE: CVE-2015-7703 in NTP
oss-security - Re: Duplicate CVE: CVE-2015-7703 in NTP
oss-security - Re: Features 0.3.0 Ruby gem /tmp file injection vulnerability
oss-security - Re: Firejail local root exploit
oss-security - Re: Firejail local root exploit
oss-security - Re: Firejail local root exploit
oss-security - Re: Firejail local root exploit
oss-security - Re: Firejail local root exploit
oss-security - Re: Firejail local root exploit
oss-security - Re: FreeNAS default blank password
oss-security - Re: Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less
oss-security - Re: Fuzzing jasper
oss-security - Re: Fuzzing jasper
oss-security - Re: Fuzzing jasper
oss-security - Re: Fwd Joomla! Security News 2012-01
oss-security - Re: Fwd Joomla! Security News 2012-01
oss-security - Re: Fwd: CVE for PHP 5.5.36 issues
oss-security - Re: Fwd: IPv6 DOS vulnerabilities
oss-security - Re: Fwd: Insecure file upload in Berta CMS
oss-security - Re: Fwd: PHP-FPM fpm_log.c memory leak and buffer overflow
oss-security - Re: Fwd: XSS vulnerability in Joomla 1.6.3
oss-security - Re: Fwd: XSS vulnerability in Joomla 1.6.3
oss-security - Re: Fwd: XSS vulnerability in Joomla 1.6.3
oss-security - Re: Fwd: out of bound write in libdwarf -20151114
oss-security - Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE - ImageMagick
oss-security - Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
oss-security - Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
oss-security - Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
oss-security - Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
oss-security - Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
oss-security - Re: Gentoo: order of installed packages may result in vary directories permissions, leading to crontab not requiring cron group membership as example.
oss-security - Re: GraphicsMagick 1.3.25 fixes some security issues
oss-security - Re: GraphicsMagick CVE Request - WPG Reader Issues
oss-security - Re: GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow
oss-security - Re: Handful of libass issues
oss-security - Re: Handful of libass issues
oss-security - Re: Heap Overflow in PCRE
oss-security - Re: Heap Overflow in PCRE
oss-security - Re: Heap Overflow in PCRE
oss-security - Re: Heap buffer overflow in fgetwln function of libbsd
oss-security - Re: Heap overflow and endless loop in exfatfsck / exfat-utils
oss-security - Re: ISC announces two BIND vulnerabilities
oss-security - Re: ISC announces two BIND vulnerabilities
oss-security - Re: ISC announces two BIND vulnerabilities
oss-security - Re: ImageMagick CVEs
oss-security - Re: ImageMagick Is On Fire -- CVE-2016-3714
oss-security - Re: ImageMagick Is On Fire -- CVE-2016-3714
oss-security - Re: ImageMagick identify "d:" hangs
oss-security - Re: ImageMagick identify "d:" hangs
oss-security - Re: ImageMagick identify "d:" hangs
oss-security - Re: Imagemagick heap overflow
oss-security - Re: Important vulnerability in Dovecot (CVE-2016-8652)
oss-security - Re: Information on CVE-2014-0158, openjpeg
oss-security - Re: Information on CVE-2014-0158, openjpeg
oss-security - Re: Insecure file upload in Berta CMS
oss-security - Re: Integer overflow in the JasPer's jas_matrix_create() function
oss-security - Re: Is CVE-2015-4650 a duplicate, leak, or just a typo?
oss-security - Re: Is CVE-2015-4650 a duplicate, leak, or just a typo?
oss-security - Re: Isearch insecure temporary files
oss-security - Re: Isearch insecure temporary files
oss-security - Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Jara 1.6 SQL injection and XSS
oss-security - Re: Joomla! Security News 2012-03-16
oss-security - Re: KDE Paste Applet
oss-security - Re: KDE Paste Applet
oss-security - Re: KDE Paste Applet
oss-security - Re: KDE Paste Applet
oss-security - Re: KDE Plasma vulnerability: need CVE
oss-security - Re: KDE Plasma vulnerability: need CVE
oss-security - Re: KMail vulnerabilites: need 3 CVE
oss-security - Re: LMS-2014-06-16-3: Libav LZO
oss-security - Re: LXDM X authentication issues
oss-security - Re: Libarchive/bsdtar: multiple crashes
oss-security - Re: Libgcrypt and GnuPG 1.4 RNG output prediction
oss-security - Re: Libgcrypt and GnuPG 1.4 RNG output prediction
oss-security - Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master
oss-security - Re: Local privileges escalation in rubygem open-uri-cached
oss-security - Re: MITRE is adding data intake to its CVE ID process
oss-security - Re: Malicious primary DNS servers can crash secondaries
oss-security - Re: MantisBT weakened CSP when using bundled Gravatar plugin
oss-security - Re: MantisBT: XSS in custom fields management
oss-security - Re: MantisBT: XSS in custom fields management
oss-security - Re: MantisBT: XSS in view_all_bug_page.php
oss-security - Re: Many invalid memory access issues in libarchive
oss-security - Re: MatrixSSL Bignum bugs
oss-security - Re: Memcached 1.4.32 and earlier buffer overflow.
oss-security - Re: Missing fixes for CVEs in upstream dcraw
oss-security - Re: Mono TLS vulnerabilities
oss-security - Re: Multiple Bugs in OpenBSD Kernel
oss-security - Re: Multiple CVE requests for MantisBT
oss-security - Re: Multiple CVE requests for MantisBT
oss-security - Re: Multiple disputed issues in util-vserver
oss-security - Re: Multiple disputed issues in util-vserver
oss-security - Re: Multiple issues in GnuPG found through keyring fuzzing (TFPA 001/2015)
oss-security - Re: Multiple memory access issues in gstreamer
oss-security - Re: Multiple vulnerabilities in BOINC
oss-security - Re: Multiple vulnerabilities in LibTIFF and associated tools
oss-security - Re: Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]
oss-security - Re: OS command injection vulnerability in Chicken Scheme
oss-security - Re: OS command injection vulnerability in Chicken Scheme
oss-security - Re: OS command injection vulnerability in Chicken Scheme
oss-security - Re: Old CVE ids, public, but still "RESERVED"
oss-security - Re: OpenX Ad Server Backdoor CVE?
oss-security - Re: Out of bounds read and signed integer overflow in libarchive
oss-security - Re: PEP-466 common compatible implementation. (was ... CVE-2015-1777)
oss-security - Re: Path traversal vulnerability in WordPress Core Ajax handlers
oss-security - Re: Persistent Cross-Site Scripting vulnerability in WordPress due to unsafe processing of file names
oss-security - Re: Physical access vulnerabilities and auto-mounting
oss-security - Re: Please reject duplicate CVE for libxml2
oss-security - Re: Possible CVE Request: Multiple stack overflows in squashfs-tools and sasquatch
oss-security - Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree
oss-security - Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)
oss-security - Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)
oss-security - Re: Possible CVE Requests: several issues fixed in Jenkins (Advisory 2014-02-14)
oss-security - Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)
oss-security - Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Problems in automatic crash analysis frameworks
oss-security - Re: Qt QXmlSimpleReader
oss-security - Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)
oss-security - Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)
oss-security - Re: Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)
oss-security - Re: Qualys Security Advisory - OpenSMTPD Audit Report
oss-security - Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
oss-security - Re: Qualys Security Advisory - The Stack Clash
oss-security - Re: RCE in Zabbix 2.2 to 3.0.3
oss-security - Re: RCE, XSS and HTTP header injection in fli4l web interface
oss-security - Re: RESEND: CVE Request: pwgen
oss-security - Re: Re: 2012 CVE request: XXE in nokogiri ruby gem
oss-security - Re: Re: Announce: Portable OpenSSH 7.2p2 released
oss-security - Re: Re: Announce: Portable OpenSSH 7.2p2 released
oss-security - Re: Re: Ansible CVE requests
oss-security - Re: Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: Re: CVE Request - Go net/http library - HTTP smuggling
oss-security - Re: Re: CVE Request - HMS Testimonials 2.0.10 WP plugin
oss-security - Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets
oss-security - Re: Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
oss-security - Re: Re: CVE Request -- OfflineIMAP -- 1), failed to validate remote SSL server certificate 2), allows SSLv2 protocol
oss-security - Re: Re: CVE Request : IPv6 Hop limit lowering via RA messages
oss-security - Re: Re: CVE Request Qemu: net: e1000 infinite loop issue
oss-security - Re: Re: CVE Request Qemu: net: e1000 infinite loop issue
oss-security - Re: Re: CVE Request: Dolibarr - Multiple Vulnerabilities
oss-security - Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza
oss-security - Re: Re: CVE Request: MCabber: remote attackers can modify the roster and intercept messages via a crafted roster-push IQ stanza
oss-security - Re: Re: CVE Request: OpenJPEG Heap Buffer Overflow Issue(Internet mail)
oss-security - Re: Re: CVE Request: Write out-of-bounds in gdk-pixbuf 2.30.7
oss-security - Re: Re: CVE Request: glibc getaddrinfo() stack overflow
oss-security - Re: Re: CVE Request: glibc getaddrinfo() stack overflow
oss-security - Re: Re: CVE Request: icoutils: exploitable crash in wrestool programm
oss-security - Re: Re: CVE Request: libgd: Invalid color index is not properly handled leading to denial of service (crash)
oss-security - Re: Re: CVE Request: util-linux runuser tty hijacking via TIOCSTI ioctl
oss-security - Re: Re: CVE for Wordpress plugin Portable-phpmyadmin
oss-security - Re: Re: CVE for Wordpress plugin Portable-phpmyadmin
oss-security - Re: Re: CVE for Wordpress plugin Portable-phpmyadmin
oss-security - Re: Re: CVE oops in GLSA 201308-05 (wireshark)
oss-security - Re: Re: CVE request - mujs Heap-Buffer-Overflow write and OOB Read
oss-security - Re: Re: CVE request - slock, all versions NULL pointer dereference
oss-security - Re: Re: CVE request for Calibre
oss-security - Re: Re: CVE request for code execution via gem name collission in bundler (was Re: CVE Request)
oss-security - Re: Re: CVE request for keepassx password database export
oss-security - Re: Re: CVE request for keepassx password database export
oss-security - Re: Re: CVE request for vulnerabilities fixed in roundcubemail 1.1.2 and 1.0.6
oss-security - Re: Re: CVE request for vulnerability in OpenStack Glance
oss-security - Re: Re: CVE request: Dovecot remote DoS on TLS connections
oss-security - Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format
oss-security - Re: Re: CVE request: Joomla Google Maps Plugin
oss-security - Re: Re: CVE request: LetoDMS, more issues
oss-security - Re: Re: CVE request: RubyGem omniauth-facebook access token security vulnerability
oss-security - Re: Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities
oss-security - Re: Re: CVE request: TYPO3-EXT-SA-2014-014 and TYPO3-EXT-SA-2014-015
oss-security - Re: Re: CVE request: X server crash by client
oss-security - Re: Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName
oss-security - Re: Re: CVE request: mongodb: world-readable .dbshell history file
oss-security - Re: Re: CVE request: openjpeg: incorrect fix for CVE-2013-6045 (was Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045)
oss-security - Re: Re: CVE request: python-pysaml2 XML external entity attack
oss-security - Re: Re: CVE request: python-pysaml2 XML external entity attack
oss-security - Re: Re: CVE request: remote code execution vulnerability in gollum < 3.1.1
oss-security - Re: Re: CVE request: webcalendar before 1.2.7
oss-security - Re: Re: CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - Re: Re: CVE-2014-0234 Installer: OpenShift Enterprise: openshift.sh default password creation
oss-security - Re: Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME
oss-security - Re: Re: CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - Re: Re: CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - Re: Re: CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - Re: Re: CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.
oss-security - Re: Re: CVE-2016-9602 Qemu: 9p: virtfs allows guest to access host filesystem
oss-security - Re: Re: CVE-Request - pen issues
oss-security - Re: Re: Duplicate CVE: CVE-2015-7703 in NTP
oss-security - Re: Re: Duplicate CVE: CVE-2015-7703 in NTP
oss-security - Re: Re: Firejail local root exploit
oss-security - Re: Re: Firejail local root exploit
oss-security - Re: Re: Firejail local root exploit
oss-security - Re: Re: FreeNAS default blank password
oss-security - Re: Re: Fuzzing jasper
oss-security - Re: Re: Handful of libass issues
oss-security - Re: Re: Handful of libass issues
oss-security - Re: Re: Handful of libass issues
oss-security - Re: Re: Heap Overflow in PCRE
oss-security - Re: Re: Heap Overflow in PCRE
oss-security - Re: Re: Integer overflow in the JasPer's jas_matrix_create() function
oss-security - Re: Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Re: Issue with PYTHON_EGG_CACHE
oss-security - Re: Re: MantisBT weakened CSP when using bundled Gravatar plugin
oss-security - Re: Re: Multiple CVE requests for MantisBT
oss-security - Re: Re: Multiple CVE requests for MantisBT
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: Problems in automatic crash analysis frameworks
oss-security - Re: Re: RCE in Zabbix 2.2 to 3.0.3
oss-security - Re: Re: Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: Re: Re: Multiple CVE requests for MantisBT
oss-security - Re: Re: Re: Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: Re: Re: Re: Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: Re: Re: Re: Re: Re: CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match()
oss-security - Re: Re: Re: Re: cryptocat/decryptocat - needs a cve?
oss-security - Re: Re: SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws
oss-security - Re: Re: SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws
oss-security - Re: Re: TTY handling when executing code in different lower-privileged context (su, virt containers)
oss-security - Re: Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities
oss-security - Re: Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities
oss-security - Re: Re: Use after free in my_login() function of DBD::mysql (Perl module)
oss-security - Re: Re: [CVE assignment notification] CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error
oss-security - Re: Re: [CVE assignment notification] CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error
oss-security - Re: Re: [CVE request] Array allocation fixes in libgfortran
oss-security - Re: Re: [FD] CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: Re: [Full-disclosure] File Disclosure in SimpleMachines Forum <= 2.0.3
oss-security - Re: Re: [OSVDB Mods] [New Vulnerability] File Disclosure in SimpleMachines Forum <= 2.0.3 (CVE-2013-0192) (fwd)
oss-security - Re: Re: [PATCH 1/3] virtio-pci: properly validate address before accessing config
oss-security - Re: Re: [PATCH 1/3] virtio-pci: properly validate address before accessing config
oss-security - Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: Re: [Pkg-shadow-devel] subuid security patches for shadow package
oss-security - Re: Re: [Pkg-shadow-devel] subuid security patches for shadow package
oss-security - Re: Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options
oss-security - Re: Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options
oss-security - Re: Re: [security] Drupal CORE and Drupal Contrib
oss-security - Re: Re: [security] Drupal CORE and Drupal Contrib
oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: Re: e1000e/82574L hardware erratum
oss-security - Re: Re: ecryptfs headsup
oss-security - Re: Re: ecryptfs headsup
oss-security - Re: Re: ecryptfs headsup
oss-security - Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)
oss-security - Re: Re: jasper: invalid memory read in jas_matrix_asl (jas_seq.c)
oss-security - Re: Re: jasper: invalid memory read in jpc_undo_roi (jpc_dec.c)
oss-security - Re: Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c)
oss-security - Re: Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c)
oss-security - Re: Re: jasper: memory allocation failure in jas_malloc (jas_malloc.c)
oss-security - Re: Re: jasper: multiple crashes with UBSAN
oss-security - Re: Re: libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c)
oss-security - Re: Re: lightdm issues
oss-security - Re: Re: linux kernel do_blockdev_direct_IO invalid memory access
oss-security - Re: Re: unassigning CVE-2015-2104
oss-security - Re: Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0
oss-security - Re: Remote file download vulnerability in Wordpress Plugin image-export v1.1
oss-security - Re: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5
oss-security - Re: Remote file inclusion by office applications
oss-security - Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3
oss-security - Re: Request CVE for LinuxNode - DoS vulnerability
oss-security - Re: Request cve for imagemagick security problem
oss-security - Re: Request cve for imagemagick security problem (DOS)
oss-security - Re: Request for CVE assignment for tigervnc affected by similar flaws as in CVE-2014-6051 and CVE-2014-6052 of libvncserver
oss-security - Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
oss-security - Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
oss-security - Re: Request for CVE for Vulnerability in Tahoe-LAFS 1.9.0
oss-security - Re: Request for CVE: Bytemark Symbiosis
oss-security - Re: Request for a CVE identifier: XML-RPC SAX Parser Information Exposure
oss-security - Re: Requesting CVE for ImageMagick DoS
oss-security - Re: Requesting CVE for calibre file disclosure
oss-security - Re: Requesting four (4) CVE identifiers for GitLab
oss-security - Re: Requesting four (4) CVE identifiers for GitLab
oss-security - Re: Retroactive CVE request for Ruby 1.9.2-p330
oss-security - Re: Ruby 1.9.2-p290 WEBrick::HTTPRequest X-Forwarded-*
oss-security - Re: Ruby CVEs
oss-security - Re: Ruby gem rack-mini-profiler CVE-2016-4442
oss-security - Re: Ruby:HTTP Header injection in 'net/http'
oss-security - Re: Ruining the Magic of Magento's Encryption Library
oss-security - Re: SELinux troubles
oss-security - Re: SPIP vulnerabilities: request for 5 CVE
oss-security - Re: SPIP vulnerabilities: request for 5 CVE
oss-security - Re: SQLite Tempdir Selection Vulnerability
oss-security - Re: SSRF issue in the svgsalamander library
oss-security - Re: SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws
oss-security - Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities
oss-security - Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities
oss-security - Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities
oss-security - Re: Samsung S4 (GT-I9500) multiple kernel vulnerabilities
oss-security - Re: Security advisory: local DOS attack affecting non updated PaX patched kernels.
oss-security - Re: Security advisory: local DOS attack affecting non updated PaX patched kernels.
oss-security - Re: Security issue in gitweb
oss-security - Re: Security issues addressed in GraphicsMagick SVG reader
oss-security - Re: Security issues addressed in GraphicsMagick SVG reader
oss-security - Re: Security issues in GOsa
oss-security - Re: Simple Machines Forums - PHP Object Injection
oss-security - Re: Socat security advisory 6 - Possible DoS with fork
oss-security - Re: Socat security advisory 7 - Created new 2048bit DH modulus
oss-security - Re: Stack smashing in libjpeg-turbo
oss-security - Re: Status of two Linux kernel issues w/o CVE assignments
oss-security - Re: Status of two Linux kernel issues w/o CVE assignments
oss-security - Re: Strange CVE situation (at least one ID should come of this)
oss-security - Re: Strange CVE situation (at least one ID should come of this)
oss-security - Re: Strange CVE situation (at least one ID should come of this)
oss-security - Re: Strange CVE situation (at least one ID should come of this)
oss-security - Re: SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options
oss-security - Re: TMP flaw in rackspace jclouds?
oss-security - Re: TYPO3 extensions
oss-security - Re: TrueCrypt audit report
oss-security - Re: Twisted Security Issue
oss-security - Re: USBCreator D-Bus service
oss-security - Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities
oss-security - Re: Umbraco - The open source ASP.NET CMS Multiple Vulnerabilities
oss-security - Re: Upcoming security release of fish 2.1.1
oss-security - Re: Upcoming security release of fish 2.1.1
oss-security - Re: Upcoming security release of fish 2.1.1
oss-security - Re: Update on MatrixSSL miscalculation (incomplete fix for CVE-2016-6887)
oss-security - Re: Use after free in my_login() function of DBD::mysql (Perl module)
oss-security - Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness
oss-security - Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)
oss-security - Re: Vulnerabilities in VLC 2.1.5
oss-security - Re: Vulnerabilities in VLC 2.1.5
oss-security - Re: Vulnerabilities in WordPress Database Manager v2.7.1
oss-security - Re: Vulnerabilities in WordPress Database Manager v2.7.1
oss-security - Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)
oss-security - Re: WP-Super-Cache XSS and Remote Code Exec
oss-security - Re: WP-Super-Cache XSS and Remote Code Exec
oss-security - Re: WP-Super-Cache XSS and Remote Code Exec
oss-security - Re: Wordpress Pinboard theme XSS
oss-security - Re: Wordpress Plugin: FTP To Zip 1.8
oss-security - Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
oss-security - Re: X.Org security advisory: Protocol handling issues in X Window System client libraries
oss-security - Re: XSS In Zope
oss-security - Re: Xen Security Advisory 201 - ARM guests may induce host asynchronous abort
oss-security - Re: Xen Security Advisory 209 (CVE-2017-2620) - cirrus_bitblt_cputovideo does not check if memory region is safe
oss-security - Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload
oss-security - Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload
oss-security - Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload
oss-security - Re: Zend Framework CVEs
oss-security - Re: Zimbra XSS in aspell.php, CVE request
oss-security - Re: Zimbra XSS in aspell.php, CVE request
oss-security - Re: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released
oss-security - Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
oss-security - Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
oss-security - Re: [CVE assignment notification] CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error
oss-security - Re: [CVE assignment notification] CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error message {AKA request for feedback if CVE to be marked as disputed / rejected}
oss-security - Re: [CVE request] Array allocation fixes in libgfortran
oss-security - Re: [CVE-2011-2186] XSS security issue in gitweb for 'blob_plain' view with HTML files
oss-security - Re: [CVE-2011-2186] XSS security issue in gitweb for 'blob_plain' view with HTML files
oss-security - Re: [CVE-2015-0839] hp-plugin binary driver verification
oss-security - Re: [CVE-2016-5697] signature wrapping attack vulnerability in ruby-saml prior to version 1.3.0
oss-security - Re: [CVE-2016-6316] Possible XSS Vulnerability in Action View
oss-security - Re: [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
oss-security - Re: [FD] CVE-2016-4484: - Cryptsetup Initrd root Shell
oss-security - Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues
oss-security - Re: [OSSA 2015-011] Cinder host file disclosure through qcow2 backing file (CVE-2015-1850)
oss-security - Re: [OSSA 2015-011] Cinder host file disclosure through qcow2 backing file (CVE-2015-1851)
oss-security - Re: [OSSN-0076] Glance Image service v1 and v2 api image-create vulnerability
oss-security - Re: [OSVDB Mods] [New Vulnerability] File Disclosure in SimpleMachines Forum <= 2.0.3 (CVE-2013-0192) (fwd)
oss-security - Re: [Openvas-devel] CVE Request -- openvas-scanner -- Insecure temporary file use by generation of an OVAL system characteristics document, when ovaldi support enabled
oss-security - Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: [PATCH] acpi: debugfs: fix buffer overflows, double free
oss-security - Re: [SECURITY ADVISORY] IDNA 2003 makes curl use wrong host
oss-security - Re: [Security] Qt QXmlSimpleReader
oss-security - Re: [Ticket#2013081510000021] CVE request: TYPO3 remote code execution by arbitrary file creation
oss-security - Re: [Xen-devel] Xen Security Advisory 209 (CVE-2017-2620) - cirrus_bitblt_cputovideo does not check if memory region is safe
oss-security - Re: [Xen-devel] [Xen-users] Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy
oss-security - Re: [Xen-users] Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy
oss-security - Re: [exact-image] Missing fixes for CVEs in upstream dcraw
oss-security - Re: [klibc] CVE request: klibc: ipconfig sh script with unescaped DHCP options
oss-security - Re: [notification] CVE-2013-6888: uscan: remote code execution
oss-security - Re: [saltstack-security] CVE Request / Saltstack SSL verification disabling for alibabab cloud module
oss-security - Re: [security] CVE request: CKEditor module for Drupal access bypass SA-CONTRIB-2011-054
oss-security - Re: [tigervnc-announce] TigerVNC 1.7.1
oss-security - Re: akpop3d review
oss-security - Re: ark vulnerability: need CVE
oss-security - Re: autotrace: out-of-bounds write
oss-security - Re: autotrace: out-of-bounds write
oss-security - Re: bash - popd controlled free
oss-security - Re: blkid command injection
oss-security - Re: bubblewrap LPE
oss-security - Re: caml-light insecure temporary files
oss-security - Re: contao vulnerability - CVE assigned?
oss-security - Re: coreutils sort heap overflow
oss-security - Re: cracklib: Stack-based buffer overflow when parsing large GECOS field
oss-security - Re: curiosity for CVE-2016-10000
oss-security - Re: curiosity for CVE-2016-10000
oss-security - Re: curiosity for CVE-2016-10000
oss-security - Re: curiosity for CVE-2016-10000
oss-security - Re: cve request for smoothwall & openfiler
oss-security - Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: cve request: docker swarmkit Dos occurs by repeatly joining and quitting swam cluster as a node
oss-security - Re: cve request: insecure temporary file usage - xbindkeys-config
oss-security - Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: cve request: local DoS by overflowing kernel mount table using shared bind mount
oss-security - Re: cve request: miniunzip directory traversal
oss-security - Re: cve request: overlayfs: Fix dentry reference leak
oss-security - Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: cve request: systemd-machined: information exposure for docker containers
oss-security - Re: cve request: xpdf: insecure tempfile usage in zxpdf script
oss-security - Re: cve-request: linux kernel - memory leak in xfs attribute mechanism.
oss-security - Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel
oss-security - Re: dcraw and CVE-2015-8366 + CVE-2015-8367
oss-security - Re: details about Tahoe-LAFS security problem #1654
oss-security - Re: e1000e/82574L hardware erratum
oss-security - Re: echor 0.1.6 Ruby Gem exposes login credentials
oss-security - Re: gajim otr plugin cleartext leak
oss-security - Re: git-hub: missing sanitization of data received from GitHub
oss-security - Re: gksu-polkit
oss-security - Re: gnome-keyring does not discard stored secrets in some cases
oss-security - Re: gnusound 0.7.5 file name handling format string issue
oss-security - Re: gpw password generator giving short password at low rate
oss-security - Re: graphicsmagick: memory allocation failure in MagickMalloc (memory.c)
oss-security - Re: graphicsmagick: memory allocation failure in MagickRealloc (memory.c)
oss-security - Re: graphicsmagick: memory allocation failure in ReadPCXImage (pcx.c)
oss-security - Re: graphicsmagick: stack-based buffer overflow in ReadSCTImage (sct.c)
oss-security - Re: gstreamer multiple issues
oss-security - Re: hardlink(1) has buffer overflows, is unsafe on changing trees
oss-security - Re: hardlink(1) has buffer overflows, is unsafe on changing trees
oss-security - Re: hardlink(1) has buffer overflows, is unsafe on changing trees
oss-security - Re: imagemagick mogrify global buffer overflow
oss-security - Re: imagemagick mogrify use after free
oss-security - Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)
oss-security - Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)
oss-security - Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)
oss-security - Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)
oss-security - Re: imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c)
oss-security - Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)
oss-security - Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)
oss-security - Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)
oss-security - Re: imagemagick: null pointer must never be null (tiff.c)
oss-security - Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability"
oss-security - Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability"
oss-security - Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability"
oss-security - Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability"
oss-security - Re: information on "ImageMagick PSD Images Processing RLE Decoding Buffer Overflow Vulnerability"
oss-security - Re: invalid free in GNU ed before 1.14.1
oss-security - Re: ircd-ratbox and Derivatives OOM by MONITOR Command
oss-security - Re: jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)
oss-security - Re: jasper: invalid memory read in jas_matrix_asl (jas_seq.c)
oss-security - Re: jasper: invalid memory read in jpc_undo_roi (jpc_dec.c)
oss-security - Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c)
oss-security - Re: jasper: memory allocation failure in jas_malloc (jas_malloc.c)
oss-security - Re: jasper: multiple assertion failures
oss-security - Re: jasper: multiple crashes with UBSAN
oss-security - Re: jasper: signed integer overflow in jas_image.c
oss-security - Re: jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)
oss-security - Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)
oss-security - Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)
oss-security - Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)
oss-security - Re: jasper: use after free in jas_realloc (jas_malloc.c)
oss-security - Re: kamailio: multiple /tmp file vulnerabilities
oss-security - Re: kdesu vulnerability: need CVE
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - Re: kernel: gfs2 acl issue
oss-security - Re: kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() - Linux kernel
oss-security - Re: kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
oss-security - Re: kgb-bot can be crashed by some network traffic
oss-security - Re: libav: NULL pointer dereference in ff_put_pixels8_xy2_mmx (rnd_template.c)
oss-security - Re: libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c)
oss-security - Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c)
oss-security - Re: libav: heap-based buffer overflow in ff_audio_resample (resample.c)
oss-security - Re: libav: multiple crashes from the Undefined Behavior Sanitizer
oss-security - Re: libav: multiple crashes from the Undefined Behavior Sanitizer
oss-security - Re: libav: null pointer dereference in get_vlc2 (get_bits.h)
oss-security - Re: libav: out-of-bounds stack read
oss-security - Re: libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c)
oss-security - Re: libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c) (ANOTHER ONE)
oss-security - Re: libdwarf: heap-based buffer overflow in _dwarf_get_size_of_val (dwarf_util.c)
oss-security - Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)
oss-security - Re: libdwarf: heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c)
oss-security - Re: libdwarf: negation overflow in dwarf_leb.c
oss-security - Re: libical 0.47 SEGV on unknown address
oss-security - Re: libming: listmp3: divide-by-zero in printMP3Headers (listmp3.c)
oss-security - Re: libming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c)
oss-security - Re: libming: listmp3: left shift in listmp3.c
oss-security - Re: libming: listswf: NULL pointer dereference in dumpBuffer (read.c)
oss-security - Re: libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c)
oss-security - Re: libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c)
oss-security - Re: libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)
oss-security - Re: librsvg and cairo are causing libpng to write out-of-bounds
oss-security - Re: libtiff: multiple heap-based buffer overflow
oss-security - Re: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)
oss-security - Re: libupnp write files via POST
oss-security - Re: libwmf: memory allocation failure in wmf_malloc (api.c)
oss-security - Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()
oss-security - Re: linux kernel do_blockdev_direct_IO invalid memory access
oss-security - Re: linux-distros subscription
oss-security - Re: linux-distros subscription
oss-security - Re: mp3splt: NULL pointer dereference in free_options (options_manager.c)
oss-security - Re: mp3splt: NULL pointer dereference in splt_cue_export_to_file (cue.c)
oss-security - Re: mp3splt: invalid free in free_options (options_manager.c)
oss-security - Re: mpack 1.6 allows eavesdropping on mails sent by other users
oss-security - Re: mpack 1.6 allows eavesdropping on mails sent by other users
oss-security - Re: mpg123 CVE Assignment?
oss-security - Re: multiple memory corruption issues in lepton
oss-security - Re: mupdf library use after free
oss-security - Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap
oss-security - Re: mupdf: use-after-free in pdf_to_num (pdf-object.c)
oss-security - Re: nginx http proxy module does not verify peer identity of https origin server
oss-security - Re: ntp security release today
oss-security - Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045
oss-security - Re: openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045
oss-security - Re: operator new[] overflow checking in G++
oss-security - Re: perdition: ssl_outgoing_ciphers not applied to STARTTLS connections
oss-security - Re: ping on CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not, set for cookies with Jenkins on Tomcat
oss-security - Re: podofo: NULL pointer dereference in PdfOutputStream.cpp
oss-security - Re: podofo: NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)
oss-security - Re: podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)
oss-security - Re: podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)
oss-security - Re: podofo: multiple crashes
oss-security - Re: podofo: signed integer overflow in PdfParser.cpp
oss-security - Re: possible CVE request for rpath issues fixed via slackware updates
oss-security - Re: possible CVE request: smb4k credentials cache leak
oss-security - Re: possible CVE requests: perltidy insecure temporary file usage
oss-security - Re: potrace: invalid memory access in findnext (decompose.c)
oss-security - Re: potrace: memory allocation failure
oss-security - Re: potrace: multiple crashes
oss-security - Re: predictable /tmp filename in git-extras
oss-security - Re: race condition checking digests/checksums in sudoers
oss-security - Re: request CVE for weborf
oss-security - Re: request for CVEs for git clients
oss-security - Re: request for CVEs for git clients
oss-security - Re: request for CVEs for git clients
oss-security - Re: request for CVEs for git clients
oss-security - Re: server and client side remote code execution through a buffer overflow in a
oss-security - Re: subuid security patches for shadow package
oss-security - Re: unassigning CVE-2015-2104
oss-security - Re: unassigning CVE-2015-2104
oss-security - Re: unshield directory traversal
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: util-linux 2.29.2 fixes CVE-2017-2616
oss-security - Re: various sddm vulnerabilities
oss-security - Re: vsftpd download backdoored
oss-security - Re: wavpack: multiple out of bounds memory reads
oss-security - Re: why many CVEs are ** RESERVED ** on Mitre
oss-security - Re: xfe: directory masks ignored when creating new files on Samba and NFS
oss-security - Reflected XSS & SQLi in HugeIT slideshow v1.0.4
oss-security - Reflected XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension
oss-security - Reject CVE-2012-3878?
oss-security - Ruby CVEs
oss-security - Ruby gem rack-mini-profiler CVE-2016-4442
oss-security - Ruby:HTTP Header injection in 'net/http'
oss-security - SQLi and Reflected XSS in Huge IT catalog extension v1.0.4 for Joomla
oss-security - SQLi and Reflected XSS in Huge IT catalog extension v1.0.4 for Joomla
oss-security - SWFUpload <= (Object Injection/CSRF) Vulnerabilities Multiple flaws
oss-security - Samsung S4 (GT-I9500) multiple kernel vulnerabilities
oss-security - Security advisory for musl libc - remote stack-based buffer overflow in DNS response parsing [CVE-2014-3484]
oss-security - Security advisory for musl libc - stack-based buffer overflow in ipv6 literal parsing [CVE-2015-1817]
oss-security - Security issue in LXC (CVE-2016-8649) with additional Linux kernel implications
oss-security - Security issue in OpenStack (nova)
oss-security - Security issues addressed in GraphicsMagick SVG reader
oss-security - Security release for mod_wsgi (version 3.5)
oss-security - Security release of fish shell 2.1.1
oss-security - Several low impact ntp.org ntpd issues
oss-security - Socat security advisory 6 - Possible DoS with fork (update: CVE-Id: CVE-2015-1379; fix for version 2)
oss-security - Summer bug cleaning - some Hash DoS stuff
oss-security - SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options
oss-security - TeX Live: CVE-2016-10243: whitelists a insecure binary/utility to be run as external program
oss-security - TigerVNC 1.3.1 fixes ZRLE decoding bounds checking issue
oss-security - Two new security advisories released for Apache WSS4J
oss-security - Upcoming security release of fish 2.1.1
oss-security - Update on MatrixSSL miscalculation (incomplete fix for CVE-2016-6887)
oss-security - Updated: XSS and SQLi in huge IT gallery v1.1.5 for Joomla
oss-security - Use-after-free (and double-free) in Jasper JPEG-200 (CVE-2015-5221)
oss-security - Vulnerabilities in Apache Archiva
oss-security - W3 Total Cache 0.9.2.8 Remote Code Exec
oss-security - WP-Super-Cache 1.3.1 Remote Code Exec - properly fixed?
oss-security - WP-Super-Cache XSS and Remote Code Exec
oss-security - WebKitGTK+ Security Advisory WSA-2015-0002
oss-security - WebKitGTK+ Security Advisory WSA-2016-0006
oss-security - WebKitGTK+ Security Advisory WSA-2017-0001
oss-security - X.Org security advisory: Protocol handling issues in X Window System client libraries
oss-security - XSS and SQLi in huge IT gallery v1.1.5 for Joomla
oss-security - Xen Security Advisory 162 (CVE-2015-7504) - heap buffer overflow vulnerability in pcnet emulator
oss-security - Xen Security Advisory 182 (CVE-2016-6258) - x86: Privilege escalation in PV guests
oss-security - Xen Security Advisory 183 (CVE-2016-6259) - x86: Missing SMAP whitelisting in 32-bit exception / event delivery
oss-security - Xen Security Advisory 184 (CVE-2016-5403) - virtio: unbounded memory allocation issue
oss-security - Xen Security Advisory 190 (CVE-2016-7777) - CR0.TS and CR0.EM not always honored for x86 HVM guests
oss-security - Xen Security Advisory 191 (CVE-2016-9386) - x86 null segments not always treated as unusable
oss-security - Xen Security Advisory 192 (CVE-2016-9382) - x86 task switch to VM86 mode mis-handled
oss-security - Xen Security Advisory 193 (CVE-2016-9385) - x86 segment base write emulation lacking canonical address checks
oss-security - Xen Security Advisory 194 (CVE-2016-9384) - guest 32-bit ELF symbol table load leaking host data
oss-security - Xen Security Advisory 195 (CVE-2016-9383) - x86 64-bit bit test instruction emulation broken
oss-security - Xen Security Advisory 196 (CVE-2016-9377,CVE-2016-9378) - x86 software interrupt injection mis-handled
oss-security - Xen Security Advisory 197 (CVE-2016-9381) - qemu incautious about shared ring processing
oss-security - Xen Security Advisory 198 (CVE-2016-9379,CVE-2016-9380) - delimiter injection vulnerabilities in pygrub
oss-security - Xen Security Advisory 199 (CVE-2016-9637) - qemu ioport array overflow
oss-security - Xen Security Advisory 200 (CVE-2016-9932) - x86 CMPXCHG8B emulation fails to ignore operand size override
oss-security - Xen Security Advisory 201 (CVE-2016-9815,CVE-2016-9816,CVE-2016-9817,CVE-2016-9818) - ARM guests may induce host asynchronous abort
oss-security - Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy
oss-security - Xen Security Advisory 208 (CVE-2017-2615) - oob access in cirrus bitblt copy
oss-security - Xen Security Advisory 209 (CVE-2017-2620) - cirrus_bitblt_cputovideo does not check if memory region is safe
oss-security - Xen Security Advisory 211 (CVE-2016-9603) - Cirrus VGA Heap overflow via display refresh
oss-security - [ANNOUNCE] CVE-2014-3579 - ActiveMQ Apollo vulnerability
oss-security - [ANNOUNCE] CVE-2014-3600, CVE-2014-3612 and CVE-2014-8110 - Apache ActiveMQ vulnerabilities
oss-security - [ANNOUNCE] CVE-2015-7559 - DoS in client via shutdown command
oss-security - [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting
oss-security - [ANNOUNCE] CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting
oss-security - [ANNOUNCE] CVE-2017-5635 and CVE-2017-5636
oss-security - [ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases
oss-security - [CVE assignment notification] CVE-2012-2142 poppler, xpdf: Insufficient sanitization of escape sequences in the error message {AKA
oss-security - [CVE assignment notification] Multiple vulnerabilities in POSH
oss-security - [CVE-2011-2186] [PATCH] gitweb: Enable $prevent_xss by default
oss-security - [CVE-2015-0839] hp-plugin binary driver verification
oss-security - [CVE-2015-1866] Ember.js XSS Vulnerability With {{view "select"}} Options
oss-security - [CVE-2015-3188] Apache Storm remote code execution vulnerability
oss-security - [CVE-2015-3271] Apache Tika information disclosure vulnerability
oss-security - [CVE-2015-5191] local privilege escalation in Open VMware Tools
oss-security - [CVE-2015-5215] Ipsilon: XSS in multiple pages
oss-security - [CVE-2016-1000007] Pagure: XSS in raw file endpoint
oss-security - [CVE-2016-1281] NOT FIXED: VeraCrypt*Setup*.exe still vulnerable to DLL hijacking
oss-security - [CVE-2016-3089] Apache OpenMeetings XSS in SWF panel
oss-security - [CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions
oss-security - [CVE-2016-4434] Apache Tika XML External Entity vulnerability
oss-security - [CVE-2016-5000] XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example
oss-security - [CVE-2016-5697] signature wrapping attack vulnerability in ruby-saml prior to version 1.3.0
oss-security - [CVE-2016-6316] Possible XSS Vulnerability in Action View
oss-security - [CVE-2016-6317] Unsafe Query Generation Risk in Active Record
oss-security - [CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method
oss-security - [CVE-2016-6671] ffmpeg buffer overflow when decoding swf
oss-security - [CVE-2016-6814] Apache Groovy Information Disclosure
oss-security - [CVE-2016-6881] ffmpeg endless loop when dealing with craft swf file.
oss-security - [CVE-2016-8595] ffmpeg crashes with an assert
oss-security - [CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE
oss-security - [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage
oss-security - [CVE-2016-9561] ffmpeg crashes on decoding MOV file
oss-security - [CVE-2017-6086] Multiple CSRF vulnerabilities in ViMbAdmin version 3.0.15
oss-security - [CVE-2017-9608] null-point-exception happened when ffmpeg using dnxhd decoder to parsing a crafted mv file.
oss-security - [OSSA 2013-017] Issues in Keystone middleware memcache signing/encryption feature (CVE-2013-2166, CVE-2013-2167)
oss-security - [OSSA 2015-011.1] Cinder host file disclosure through qcow2 backing file (CVE-2015-1851) ERRATA 1
oss-security - [OSSA 2015-011] Cinder host file disclosure through qcow2 backing file (CVE-2015-1850)
oss-security - [OSSA 2016-012] Malicious qemu-img input may exhaust resources in Cinder, Glance, Nova (CVE-2015-5162)
oss-security - [OSSA 2016-013] Network information disclosure through Heat template source URL (CVE-2016-9185)
oss-security - [OSSA-2017-001] CatchErrors leaks sensitive values in oslo.middleware (CVE-2017-2592)
oss-security - [OSSA-2017-004] federated user gets wrong role (CVE-2017-2673)
oss-security - [OSSN-0078] Ceph credentials included in logs using older versions of libvirt/qemu
oss-security - [SECURITY ADVISORY] IDNA 2003 makes curl use wrong host
oss-security - [SECURITY ADVISORY] curl OOB write via unchecked multiplication
oss-security - [SECURITY ADVISORY] curl URL unescape heap overflow via integer truncation
oss-security - [SECURITY ADVISORY] curl case insensitive password comparison
oss-security - [SECURITY ADVISORY] curl cookie injection for other servers
oss-security - [SECURITY ADVISORY] curl double-free in curl_maprintf
oss-security - [SECURITY ADVISORY] curl double-free in krb5 code
oss-security - [SECURITY ADVISORY] curl glob parser write/read out of bounds
oss-security - [SECURITY ADVISORY] curl invalid URL parsing with '#'
oss-security - [SECURITY ADVISORY] curl use-after-free via shared cookies
oss-security - [SECURITY ADVISORY] curl: TLS session resumption client cert bypass (again)
oss-security - [SECURITY ADVISORY] curl: printf floating point buffer overflow
oss-security - [SECURITY ADVISORY] curl: uninitialized random
oss-security - [SECURITY ADVISORY] curl_getdate read out of bounds
oss-security - [SECURITY ADVISORY]: curl SSL_VERIFYSTATUS ignored
oss-security - [SECURITY ISSUES] CVE-2016-3691 and CVE-2016-3114
oss-security - [SECURITY VULNERABILITY] curl escape and unescape integer overflows
oss-security - [SECURITY] CVE-2016-0762 Apache Tomcat Realm Timing Attack
oss-security - [SECURITY] CVE-2016-3086: Apache Hadoop YARN NodeManager vulnerability
oss-security - [SECURITY] CVE-2016-4467: Apache Qpid Proton: Failure to verify that the server host name matches the certificate host name on Windows
oss-security - [SECURITY] CVE-2016-5001: Apache Hadoop Information Disclosure
oss-security - [SECURITY] CVE-2016-5018 Apache Tomcat Security Manager Bypass
oss-security - [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure
oss-security - [SECURITY] CVE-2016-6796 Apache Tomcat Security Manager Bypass
oss-security - [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources
oss-security - [SECURITY] CVE-2016-6808 Apache Tomcat JK ISAPI Connector buffer overflow
oss-security - [SECURITY] CVE-2016-6816 Apache Tomcat Information Disclosure
oss-security - [SECURITY] CVE-2016-6817 Apache Tomcat Denial of Service
oss-security - [SECURITY] CVE-2016-8735 Apache Tomcat Remote Code Execution
oss-security - [SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure
oss-security - [SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure
oss-security - [oCERT 2015-011] PyAMF input sanitization errors (XXE)
oss-security - [oCERT 2015-012] Ganeti multiple issues
oss-security - [oCERT 2016-001] Jetty path sanitization issues
oss-security - [oCERT-2014-004] Ansible input sanitization errors
oss-security - [oCERT-2014-005] LPAR2RRD input sanitization errors
oss-security - [oCERT-2014-011] UnZip input sanitization errors
oss-security - [oCERT-2015-008] FreeRADIUS insufficient CRL application
oss-security - beaker vulns fixed in version 20.1
oss-security - busybox CVE-2014-9645
oss-security - chrony security release as well
oss-security - consolekit security flaw heads up
oss-security - cracklib: Stack-based buffer overflow when parsing large GECOS field
oss-security - curiosity for CVE-2016-10000
oss-security - dcraw and CVE-2015-8366 + CVE-2015-8367
oss-security - docker2aci: infinite loop in deps walking (CVE-2016-8579)
oss-security - ffmpeg before 3.1.4 [CVE-2016-7562] [CVE-2016-7122] [CVE-2016-7450] [CVE-2016-7502] [CVE-2016-7555] [CVE-2016-7785] [CVE-2016-7905]
oss-security - firewalld: Firewall configuration can be modified by any logged in user
oss-security - freeIPA CVEs CVE-2016-9575 (insufficient permission check) & CVE-2016-7030 (DoS)
oss-security - glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)
oss-security - hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation
oss-security - ikiwiki: CVE-2016-9645 (incomplete fix for CVE-2016-10026), CVE-2016-9646 (commit metadata forgery)
oss-security - ikiwiki: CVE-2017-0356: Authentication bypass via repeated parameters
oss-security - imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)
oss-security - imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)
oss-security - ircd-ratbox and Derivatives OOM by MONITOR Command
oss-security - jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)
oss-security - jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)
oss-security - kernel: ACPI table override is allowed when securelevel is enabled
oss-security - kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)
oss-security - kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
oss-security - libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507)
oss-security - libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506)
oss-security - mailx issues (CVE-2004-2771, CVE-2014-7844)
oss-security - mod_nss FakeBasicAuth authentication bypass
oss-security - openjpeg CVE-2016-3181, CVE-2016-3182 .. and CVE-2013-6045
oss-security - ownCloud Security Advisories - 2013-001 & 2013-002
oss-security - pcs: CVE-2017-2661 Improper node name field validation when creating clusters leads to XSS
oss-security - pitivi: CVE-2015-0855: Insecure use of os.system()
oss-security - python-rope: pickle.load of remotely supplied data with no authentication required
oss-security - server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished
oss-security - spice-server: CVE-2016-9577, CVE-2016-9578: remote DoS and buffer overflow from crafted messages
oss-security - subscription-manager: CVE-2017-2663 unsafe dbus interface
oss-security - three issues in xorg (CVE-2016-2624, CVE-2016-2625, CVE-2016-2626)
oss-security - tty-hijacking & CVE-2005-4890 - redux
oss-security - two udhcpc (busybox) issues
oss-security - unassigning CVE-2015-2104
oss-security - util-linux 2.29.2 fixes CVE-2017-2616
oss-security - various vulnerabilities in Node.js packages
oss-security - why many CVEs are ** RESERVED ** on Mitre
oss-security - wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message
oss-security - znc id: CVE-2010-2448 or CVE-2010-2488?