# $NetBSD: pkg-vulnerabilities,v 1.290 2024/12/20 10:27:01 wiz Exp $ # #FORMAT 1.0.0 # # Please read "Handling packages with security problems" in the pkgsrc # guide before editing this file. # # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package, and to contain # entries for packages which have been removed from pkgsrc. # # New entries should be added at the end of this file. # # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. # # The command to run for this update is "./pkg-vuln-update.sh", but it needs # access to the private GPG key for pkgsrc-security. # # If you have comments/additions/corrections, please contact # pkgsrc-security@NetBSD.org. # # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. # # package type of exploit URL cfengine<1.5.3nb3 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc navigator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html navigator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc communicator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html communicator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc pine<4.30 remote-user-shell http://www.securityfocus.com/bid/1709 pine<4.21nb1 denial-of-service http://www.securityfocus.com/advisories/2646 imap-uw<4.7c6 denial-of-service http://www.securityfocus.com/advisories/2646 screen<3.9.5nb1 local-root-shell http://www.securityfocus.com/advisories/2634 ntop<1.1 remote-root-shell http://www.securityfocus.com/advisories/2520 wu-ftpd<2.6.1 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc wu-ftpd<2.4.2b18.2 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc xlockmore<4.17 local-root-file-view ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc lsof<4.41 local-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc wu-ftpd<2.6.0 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc racoon<20001004a local-root-file-view http://mail-index.NetBSD.org/tech-net/2000/09/24/0000.html global<3.56 remote-user-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=11165 apache<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 apache6<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 thttpd<2.20 remote-user-access http://www.dopesquad.net/security/advisories/20001002-thttpd-ssi.txt bind<8.2.2.7 denial-of-service http://www.isc.org/products/BIND/bind-security.html gnupg<1.0.4 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001017 pine<=4.21 remote-root-shell ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc navigator<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc navigator3<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding ethereal<=0.8.13 remote-root-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ffromthread%3D1%26end%3D2000-11-25%26mid%3D145761%26start%3D2000-11-19%26list%3D1%26threads%3D0%26 php<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-gd<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-ldap<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-mysql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-pgsql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-snmp<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 racoon<20001211a denial-of-service http://www.kame.net/ LPRng<3.6.25 remote-root-shell http://www.cert.org/advisories/CA-2000-22.html jakarta-tomcat<3.1.1 remote-server-admin http://jakarta.apache.org/site/news.html jakarta-tomcat<3.2.3 cross-site-html http://www.securityfocus.com/bid/2982 fsh<1.1 local-root-file-view http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1135 bitchx<1.0.3.17nb1 remote-user-shell http://www.securityfocus.com/bid/2087 namazu<1.3.0.11 remote-file-creation http://www.namazu.org/security.html.en zope<2.2.5 weak-authentication http://www.zope.org/Products/Zope/ bind<8.2.3 remote-root-shell http://www.cert.org/advisories/CA-2001-02.html suse{,32}_base<6.4nb2 local-root-shell http://www.suse.com/de/support/security/2001_001_glibc_txt.txt ja-micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html camediaplay<20010211 local-user-shell ftp://ftp.itojun.org/pub/digi-cam/C-400/unix/README analog<4.16 remote-user-shell http://www.analog.cx/security2.html gnupg<1.0.4nb3 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001130 xemacs<21.1.14 remote-user-shell http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html sudo<1.6.3p6 local-root-shell http://www.openbsd.org/errata36.html#sudo Mesa-glx<=20000813 local-root-shell http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3?dis=7.2 apache<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html apache6<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html exmh<2.3 local-symlink-race http://www.beedub.com/exmh/symlink.html samba<2.0.8 local-symlink-race http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370 hylafax<4.1b3 local-root-shell http://www.securityfocus.com/archive/1/176716 squirrelmail<1.0.5 remote-user-access http://www.geocrawler.com/lists/3/SourceForge/599/500/5567091/ kdelibs-2.1 local-root-shell http://dot.kde.org/988663144/ icecast<1.3.10 remote-user-access http://www.securityfocus.com/bid/2264 joe<2.8nb1 local-file-write http://www.securityfocus.com/bid/1959 joe<2.8nb1 local-user-shell http://www.securityfocus.com/bid/2437 openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie w3m<0.2.1.0.19nb1 remote-user-shell http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html samba<2.0.10 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0nb1 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html fetchmail<5.8.8 remote-user-access http://www.securityfocus.com/vdb/?id=2877 openldap<1.2.12 denial-of-service http://www.cert.org/advisories/CA-2001-18.html horde<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 imp<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 fetchmail<5.8.17 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D203165 windowmaker<0.65.1 remote-user-shell http://www.debian.org/security/2001/dsa-074 sendmail<8.11.6 local-root-shell ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES gnut<0.4.27 remote-script-inject http://www.gnutelliums.com/linux_unix/gnut/ screen<3.9.10 local-root-shell http://lists.opensuse.org/opensuse-security-announce/2000-Sep/0005.html openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29 w3m<0.2.1.0.19nb2 weak-authentication http://mi.med.tohoku.ac.jp/~satodai/w3m-dev/200109.month/2226.html procmail<3.20 local-root-shell http://www.somelist.com/mail.php/282/view/1200950 slrn<0.9.7.2nb1 remote-script-inject http://slrn.sourceforge.net/patches/index.html#subsect_decode nvi-m17n<1.79.19991117 local-user-shell http://www.securityfocus.com/archive/1/221880 mgetty<1.1.22 denial-of-service ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A71.mgetty.asc kdeutils-2.2.1 local-root-shell http://lists.kde.org/?l=kde-announce&m=100535642201983&w=2 imp<2.2.7 remote-file-view http://www.securityfocus.com/archive/1/225686 libgtop<1.0.12nb1 remote-user-shell http://www.intexxia.com/ wu-ftpd<=2.6.1 remote-root-shell http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/199.html radius-3.6B remote-user-shell http://xforce.iss.net/alerts/advise87.php exim<3.34 remote-user-shell http://www.exim.org/pipermail/exim-announce/2001q4/000048.html stunnel<3.22 remote-user-shell http://www.stunnel.org/patches/desc/formatbug_ml.html mutt<1.2.5.1 remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.1* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.2[0-4]* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html cyrus-sasl<1.5.27 remote-code-execution http://www.securityfocus.com/bid/3498 openldap<2.0.20 denial-of-service http://www.openldap.org/lists/openldap-announce/200201/msg00002.html xchat<1.8.7 remote-command-injection http://xchat.org/ enscript<1.6.1nb1 local-file-write http://www.securityfocus.com/bid/3920 rsync<2.5.2 remote-code-execution http://lists.samba.org/pipermail/rsync-announce/2002-January/000005.html squirrelmail-1.2.[0-3] remote-code-execution http://www.securityfocus.com/bid/3952 gnuchess<5.03 remote-user-shell http://linux.oreillynet.com/pub/a/linux/2002/01/28/insecurities.html ucd-snmp<4.2.3 weak-authentication http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3 denial-of-service http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3nb1 remote-user-shell http://www.securityfocus.com/archive/1/248141 squid<2.4.4 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_1.txt ap-php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.1pl2 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.3.0 remote-code-execution http://www.php.net/release_4_3_1.php radiusd-cistron<1.6.6 denial-of-service http://www.kb.cert.org/vuls/id/936683 radiusd-cistron<1.6.6 remote-code-execution http://www.kb.cert.org/vuls/id/589523 openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt htdig<3.1.6 denial-of-service http://online.securityfocus.com/bid/3410 htdig<3.1.6 local-user-file-view http://online.securityfocus.com/bid/3410 fileutils<4.1.7 local-file-removal http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002433.html zlib<1.1.4 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt rsync<2.5.3 remote-user-file-view http://lists.samba.org/pipermail/rsync-announce/2002-March/000006.html suse{,32}_base<6.4nb5 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt icecast<1.3.11 remote-root-shell http://www.debian.org/security/2001/dsa-089 sun-{jre,jdk}<1.3.1.0.2 remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba analog<5.22 remote-script-inject http://www.analog.cx/docs/whatsnew.html jakarta-tomcat<3.2.3nb1 cross-site-scripting http://httpd.apache.org/info/css-security/ sudo<1.6.6 local-root-shell http://www.sudo.ws/sudo/alerts/prompt.html squirrelmail<1.2.6 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00414.html analog<5.23 denial-of-service http://www.analog.cx/security5.html icecast<1.3.12 denial-of-service http://online.securityfocus.com/bid/4415 qpopper<4.0.4 denial-of-service http://online.securityfocus.com/bid/4295 qpopper<4.0.4nb1 local-root-shell http://online.securityfocus.com/bid/4614 imap-uw<2001.1 local-root-shell http://online.securityfocus.com/bid/4713 fetchmail<5.9.10 remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146 gaim<0.58 local-user-file-view http://online.securityfocus.com/archive/1/272180 mozilla<1.0rc3 remote-user-file-view http://groups.google.com/groups?as_umsgid=3CD095D4.9050003%40mozilla.org&hl=en ethereal<0.9.4 remote-user-access http://www.ethereal.com/appnotes/enpa-sa-00004.html bind-9.[01].* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.0* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.1rc* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-8.3.0 denial-of-service http://www.isc.org/products/BIND/bind8.html xchat<1.8.9 remote-user-shell http://www.linuxsecurity.com/advisories/redhat_advisory-2107.html apache<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache6<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.1? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.2? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.3[0-8]* remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt irssi<0.8.5 denial-of-service http://online.securityfocus.com/archive/1 #ap-ssl<2.8.10 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt ap-ssl<2.8.10 remote-root-shell http://www.modssl.org/news/changelog.html apache<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt apache6<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt bind<4.9.7nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat12<=1.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat13<=1.3.3nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html compat14<1.4.3.2 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html openssh<3.4 remote-root-shell https://nvd.nist.gov/vuln/detail/CVE-2002-0639 #bind<=9.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html bind<8.3.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html socks5<1.0.2nb2 remote-root-shell http://online.securityfocus.com/archive/1/9842 socks5-1.0.[3-9]* remote-root-shell http://online.securityfocus.com/archive/2/9842 socks5-1.0.1[0-1]* remote-root-shell http://online.securityfocus.com/archive/2/9842 ipa<1.2.7 local-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=17434 ethereal<0.9.5 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00005.html squid<2.4.7 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_3.txt nn<6.6.4 remote-user-shell http://online.securityfocus.com/bid/5160 inn<2.3.0 remote-user-shell http://online.securityfocus.com/bid/2620 cvsup-gui<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html cvsup<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html xpilot<4.5.1 remote-user-shell http://online.securityfocus.com/bid/4534 gnut<0.4.28 remote-user-shell http://online.securityfocus.com/bid/3267/ wwwoffle<2.7c denial-of-service http://bespin.org/~qitest1/adv/wwwoffle-2.7b.asc png<1.2.4 remote-user-shell ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html ap-php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html srp_client<1.7.5 unknown http://www-cs-students.stanford.edu/~tjw/srp/download.html hylafax<4.1.3 remote-root-shell http://www.securityfocus.com/bid/3357 openssl<0.9.6e remote-root-shell http://www.openssl.org/news/secadv_20020730.txt libmm<1.2.1 local-root-shell http://online.securityfocus.com/bid/5352 openssl<0.9.6f denial-of-service http://www.openssl.org/news/secadv_20020730.txt png<=1.0.12 remote-user-shell http://online.securityfocus.com/bid/5409 kdelibs-2.1.* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.1* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.2{,nb1} weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-3.0.[12] weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 arla<0.35.9 denial-of-service http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html arla<0.35.9 remote-root-shell http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html ethereal<0.9.6 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00006.html bind<4.9.10 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14-crypto<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 postgresql-server<7.2.2 remote-code-execution http://online.securityfocus.com/archive/1/288998 gaim<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 gaim-gnome<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 mozilla<1.1 remote-file-read http://archives.neohapsis.com/archives/bugtraq/2002-07/0259.html mozilla<1.1 remote-file-read http://www.geocities.co.jp/SiliconValley/1667/advisory03e.html freebsd_lib<=2.2.7 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html opera<6.03 remote-user-shell http://www.opera.com/linux/changelog/log603.html wmnet<1.06nb3 local-root-shell http://www.securiteam.com/unixfocus/5HP0F1P8AM.html apache-2.0.3[0-9]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 apache-2.0.4[0-1]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 fetchmail<6.1.0 remote-code-execution http://security.e-matters.de/advisories/032002.html unzip<=5.42 local-file-write http://online.securityfocus.com/archive/1/196445 apache-2.0.3[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache-2.0.4[0-2]* remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 net-snmp<5.0.5 denial-of-service http://sourceforge.net/forum/forum.php?forum_id=215540 sendmail<8.12.6nb1 local-user-shell http://www.sendmail.org/smrsh.adv.txt apache<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache6<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache6<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache6<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 gv<3.5.8nb2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569 logsurfer<1.5.2 local-user-shell http://www.cert.dfn.de/eng/team/wl/logsurf/ suse{,32}_base<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html suse{,32}_devel<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html kdegraphics<2.2.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdegraphics-3.0.[123]* remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdenetwork-3.0.[123]* remote-file-read http://www.kde.org/info/security/advisory-20021008-2.txt gtar-base<1.13.25 local-file-write http://online.securityfocus.com/archive/1/196445 kth-krb4<1.2.1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/6049 inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/4501 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5825 fetchmail<6.1.0 denial-of-service http://online.securityfocus.com/bid/5826 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5827 squirrelmail<1.2.8 remote-script-inject http://online.securityfocus.com/bid/5763 bind<4.9.10nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html bind<8.3.3nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html samba-2.2.[2-6]* remote-root-shell http://www.samba.org/samba/whatsnew/samba-2.2.7.html windowmaker<0.80.2 remote-user-shell http://www.windowmaker.org/ ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619 w3m<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html w3m-img<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html Canna-server-bin<3.5.2nb3 remote-root-shell http://canna.sourceforge.jp/sec/Canna-2002-01.txt windowmaker<0.80.2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277 kdelibs-2.1.* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.1* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.2{,nb[123]} remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.[123]* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.4 remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdenetwork-2.[12]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.[123]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.4{,nb1} remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt cyrus-imapd<2.0.17 remote-code-execution http://www.securityfocus.com/bid/6298 cyrus-imapd-2.1.9{,nb1} remote-code-execution http://www.securityfocus.com/bid/6298 imap-uw<2002.1rc1 remote-code-execution http://www.kb.cert.org/vuls/id/961489 cyrus-sasl-2.1.9{,nb[12]} remote-code-execution http://online.securityfocus.com/archive/1/302603 fetchmail<6.2.0 remote-code-execution http://security.e-matters.de/advisories/052002.html mysql-client<3.23.49nb2 remote-code-execution http://security.e-matters.de/advisories/042002.html mysql-server<3.23.49nb1 remote-code-execution http://security.e-matters.de/advisories/042002.html pine<4.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 w3m{,-img}<0.3.2.2 remote-file-read http://sourceforge.net/project/shownotes.php?group_id=39518&release_id=126233 ethereal<0.9.8 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00007.html wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt cups<1.1.18 remote-root-shell http://www.idefense.com/advisory/12.19.02.txt png<1.2.5nb2 unknown ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212 leafnode<1.9.30 denial-of-service http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0123.html cups<1.1.18 local-code-execution http://online.securityfocus.com/bid/6475 xpdf<=2.01 local-code-execution http://online.securityfocus.com/bid/6475 mhonarc<2.5.14 cross-site-scripting http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com libmcrypt<2.5.5 remote-user-shell http://online.securityfocus.com/archive/1/305162/2003-01-01/2003-01-07/0 kdebase<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegames<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegraphics<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdelibs<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdemultimedia<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdenetwork<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdepim<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdesdk<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdeutils<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt cvs<1.11.4nb1 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=51 gabber<0.8.7nb4 privacy-leak http://online.securityfocus.com/archive/1/307430 spamassassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html p5-Mail-SpamAssassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html squirrelmail<1.2.11 cross-site-scripting http://www.squirrelmail.org/ openssl<0.9.6gnb1 weak-encryption http://www.openssl.org/news/secadv_20030219.txt php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.3{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 sendmail<8.11.6nb3 remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7] remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7]nb* remote-code-execution http://www.cert.org/advisories/CA-2003-07.html snort<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-pgsql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-mysql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 hypermail<2.1.7 remote-code-execution http://www.hypermail.org/mail-archive/2003/Feb/0025.html zlib<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107 ethereal-0.8.[7-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html ethereal-0.9.[0-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html qpopper<4.0.5 remote-user-shell http://archives.neohapsis.com/archives/bugtraq/2003-03/0152.html ircII<20030313 remote-code-execution http://eterna.com.au/ircii/ samba<2.2.8 remote-code-execution http://us1.samba.org/samba/whatsnew/samba-2.2.8.html openssl<0.9.6gnb2 remote-key-theft http://www.openssl.org/news/secadv_20030317.txt openssl<0.9.6gnb2 remote-use-of-secret http://www.openssl.org/news/secadv_20030319.txt mutt<1.4.1 remote-code-execution http://www.securityfocus.com/archive/1/315771/2003-03-19/2003-03-25/0 rxvt<2.7.10 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 eterm<0.9.2 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 apcupsd<3.8.6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 apcupsd-3.10.[0-4] remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 ap-php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ja-samba<2.2.7.1.1.1 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030317-2.html bitchx<1.0.3.19nb1 remote-code-execution http://www.securityfocus.com/archive/1/315057 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apache-2.0.4[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apcupsd<3.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 apcupsd-3.10.[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 setiathome<3.08 remote-code-execution http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Seti@home samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html mgetty+sendfax<1.1.29 file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392 mgetty+sendfax<1.1.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391 ja-samba<2.2.7.2.1.0 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030409-2.html kde<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdelibs<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdebase<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdegraphics<3.1.1nb2 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt snort<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-pgsql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-mysql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 poppassd<4.0.5nb1 local-root-shell http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0 ethereal<0.9.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00009.html gnupg<1.2.2 weak-authentication http://www.securityfocus.com/archive/1/320444 lv<4.49.5 local-code-execution http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=190941 bitchx<1.0.3.19nb2 denial-of-service http://www.securityfocus.com/archive/1/321093 suse{,32}_libpng<7.3nb1 remote-user-shell http://www.suse.com/de/security/2003_004_libpng.html apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 apache-2.0.4[0-5] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 suse{,32}_base<7.3nb4 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html suse{,32}_devel<7.3nb2 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html cups<1.1.19 denial-of-service http://www.cups.org/str.php?L75 speakfreely<=7.5 remote-code-execution http://www.securityfocus.com/archive/1/324257/2003-06-06/2003-06-12/0 ethereal<0.9.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00010.html xpdf<2.02pl1 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.07 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.08 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-July/006342.html ImageMagick<5.5.7.1 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455 apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 apache-2.0.4[0-6] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 falcons-eye<1.9.3nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 xconq<7.4.1nb1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607 mhonarc<2.6.4 cross-site-scripting http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3128&group_id=1968 wu-ftpd<2.6.2nb1 remote-root-shell http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt lftp<2.5.3 remote-user-shell http://freshmeat.net/releases/87364/ postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 xfstt<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581 xfstt<1.5.1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625 stunnel<3.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 stunnel-4.0[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/ horde<2.2.4rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 imp<3.2.2rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 gopher<3.0.6 remote-root-shell http://www.securityfocus.com/archive/1/328843/2003-08-18/2003-08-24/2 unzip<5.50nb2 weak-path-validation http://www.securityfocus.com/archive/1/334070/2003-08-18/2003-08-24/2 xmule-[0-9]* remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-August/008449.html sendmail-8.12.[0-8]nb* denial-of-service http://www.sendmail.org/dnsmap1.html exim<3.36 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html exim>=4<4.22 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html leafnode<1.9.42 denial-of-service http://www.securityfocus.com/archive/1/336186 p5-Apache-Gallery<0.7 local-user-shell http://www.securityfocus.com/archive/1/336583/2003-09-06/2003-09-12/0 pine<4.58 remote-code-execution http://www.idefense.com/advisory/09.10.03.txt net-snmp<5.0.9 privacy-leak http://sourceforge.net/forum/forum.php?forum_id=308015 gtkhtml<1.1.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541 sane-backends<1.0.11 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 sane-backends<1.0.11 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 apache<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 apache6<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 mysql-server<3.23.49nb5 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv sendmail<8.12.10 unknown http://www.sendmail.org/8.12.10.html thttpd<2.23.0.1nb1 remote-code-execution http://marc.theaimsgroup.com/?l=thttpd&m=106402145912879&w=2 openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv proftpd<1.2.8nb2 remote-root-shell http://xforce.iss.net/xforce/alerts/id/154 cfengine-2.0.[0-7]* remote-code-execution http://www.securityfocus.com/archive/1/339083/2003-09-22/2003-09-28/0 mplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 gmplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 marbles<1.0.2nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830 ncftp3<3.1.6 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 openssl<0.9.6k remote-root-shell http://www.openssl.org/news/secadv_20030930.txt vmware3<3.2.1pl1 local-root-shell http://marc.theaimsgroup.com/?l=gentoo-announce&m=106181867621048&w=2 fetchmail<6.2.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790 kdelibs<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ kdebase<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ silc-client<0.9.13 denial-of-service http://silcnet.org/txt/security_20031016_1.txt silc-server<0.9.14 denial-of-service http://silcnet.org/txt/security_20031016_1.txt sylpheed-claws-0.9.4{,nb1} denial-of-service http://www.guninski.com/sylph.html vtun<2.6nb1 privacy-leak ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch libnids<=1.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 apache<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache6<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 apache-2.0.4[0-7] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 sun-{jre,jdk}13<1.0.9 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity sun-{jre,jdk}14<2.0 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity thttpd<2.24 remote-code-execution http://www.texonet.com/advisories/TEXONET-20030908.txt coreutils<5.0nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 coreutils<5.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 hylafax<4.1.8 remote-code-execution http://www.securiteam.com/unixfocus/6O00D0K8UI.html quagga<0.96.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 zebra<0.93bnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 pan<0.13.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855 ethereal<0.9.15 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00011.html mozilla{,-bin}<1.5 remote-code-execution http://www.mozilla.org/projects/security/known-vulnerabilities.html screen<4.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972 gnupg<1.2.3nb2 weak-authentication http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html rsync<2.5.7 remote-user-shell http://www.mail-archive.com/rsync@lists.samba.org/msg08782.html audit-packages<1.26 no-exploit-but-less-integrity-so-please-upgrade http://mail-index.netbsd.org/tech-pkg/2003/11/30/0001.html cvs<1.11.10 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=84 lftp<2.6.10 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html opera<7.23 remote-file-delete http://opera.rainyblue.org/modules/cjaycontent/index.php?id=1 mgetty+sendfax<=1.1.30 file-permissions http://mail-index.netbsd.org/tech-pkg/2003/11/18/0003.html cvs<1.11.11 privilege-escalation https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=88 ethereal<0.10.0 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00012.html bind<8.4.3 cache-poisoning http://www.kb.cert.org/vuls/id/734644 mpg321<0.2.10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 mailman<2.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965 racoon<20040116a remote-sa-delete http://www.securityfocus.com/archive/1/349756 gaim<0.75nb1 remote-code-execution http://security.e-matters.de/advisories/012004.html freeradius<0.9.3 denial-of-service http://www.freeradius.org/security.html#0.9.2 libtool-base<1.5.2nb3 local-symlink-race http://www.securityfocus.com/archive/1/352519 jitterbug<1.6.2nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 mpg123<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-esound<0.59.18nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-nas<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 clamav<0.66 denial-of-service http://www.securityfocus.com/archive/1/353186 mutt<1.4.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078 metamail<2.7nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104 xboing<2.4nb2 privilege-escalation http://www.debian.org/security/2004/dsa-451 libxml2<2.6.6 remote-user-shell http://lists.gnome.org/archives/xml/2004-February/msg00070.html automake<1.8.3 privilege-escalation http://www.securityfocus.com/archive/1/356574/2004-03-05/2004-03-11/2 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.? remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.4[0-8] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache6<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 gdk-pixbuf<0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111 openssl<0.9.6l denial-of-service http://www.openssl.org/news/secadv_20031104.txt openssl<0.9.6m denial-of-service http://www.openssl.org/news/secadv_20040317.txt isakmpd<=20030903nb1 denial-of-service http://www.rapid7.com/advisories/R7-0018.html ghostscript-gnu<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-nox11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-x11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 python22<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 python22-pth<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 squid<2.5.5 weak-acl-enforcement http://www.squid-cache.org/Advisories/SQUID-2004_1.txt ethereal<0.10.3 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00013.html mplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 gmplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 mencoder<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 heimdal<0.6.1 remote-trust http://www.pdc.kth.se/heimdal/advisory/2004-04-01/ uulib<0.5.20 archive-code-execution http://www.securityfocus.com/bid/9758 racoon<20040408a weak-authentication http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html xchat<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7] remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7]nb* remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8nb1 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-gnome<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html cvs<1.11.15 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=102 neon<0.24.5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179 tla<1.2.1rc1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 cadaver<0.22.1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 lha<1.14i local-code-execution http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm mplayer>=1.0rc0<1.0rc4 remote-code-execution http://www.mplayerhq.hu/homepage/design6/news.html xine-lib-1rc[0-2]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 xine-lib-1rc3[ab]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 rsync<2.6.1 remote-file-write http://rsync.samba.org/#security_apr04 exim<3.36nb2 remote-code-execution http://www.guninski.com/exim1.html exim>=4<4.30 remote-code-execution http://www.guninski.com/exim1.html exim-exiscan-4.[0-2]* remote-code-execution http://www.guninski.com/exim1.html pine<4.58nb4 local-symlink-race http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=22226 xine-lib-1rc[0-3]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-3 global<4.6 remote-exec http://savannah.gnu.org/forum/forum.php?forum_id=2029 opera<7.50 remote-file-write http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true lha<114.9nb2 remote-code-execution http://www.securityfocus.com/bid/10243 apache<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache6<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache6<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache6<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 kdelibs<3.2.2nb2 remote-file-write http://www.kde.org/info/security/advisory-20040517-1.txt subversion-base<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 subversion-base<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 neon<0.24.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cvs-1.11.1[0-5] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cadaver<0.22.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 ap-ssl<2.8.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 squirrelmail<1.4.3 cross-site-scripting http://www.securityfocus.com/bid/10246/ ethereal<0.10.4 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00014.html apache-2.0.49{,nb1} remote-code-execution http://www.securityfocus.com/bid/10355 roundup<0.7.3 remote-file-read http://cvs.sourceforge.net/viewcvs.py/*checkout*/roundup/roundup/CHANGES.txt?rev=1.533.2.21 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.1[0-6]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 subversion-base<1.0.5 denial-of-service http://www.contactor.se/~dast/svn/archive-2004-06/0331.shtml racoon<20040617a weak-authentication http://www.securitytracker.com/alerts/2004/Jun/1010495.html mit-krb5<1.3.4 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt imp<3.2.4 cross-site-scripting http://securityfocus.com/bid/10501/info/ gmplayer<1.0rc4nb2 remote-code-execution http://www.open-security.org/advisories/5 ethereal<0.10.5 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00015.html courier-auth<0.45 remote-code-execution http://www.securityfocus.com/bid/9845 courier-imap<3.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 sqwebmail<4.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 ap-ssl<2.8.19 remote-code-execution http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html ap{2,22}-subversion<1.0.6 weak-acl-enforcement http://www.contactor.se/~dast/svn/archive-2004-07/0814.shtml samba<2.2.10 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html samba-3.0.[0-4]{,a*,nb?} remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html ja-samba<2.2.9.1.0nb1 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html acroread5<5.09 arbitrary-code-execution http://kb2.adobe.com/cps/322/322914.html png<1.2.6rc1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-7.3{,nb1} remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-9.1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng<=6.4 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 cfengine-2.0.* remote-code-execution http://www.securityfocus.org/advisories/7045 cfengine-2.1.[0-7] remote-code-execution http://www.securityfocus.org/advisories/7045 spamassassin<2.64 denial-of-service http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2 kdelibs<3.2.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 kdelibs<3.2.3nb2 local-account-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 kdelibs<3.2.3nb2 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 kdebase<3.2.3nb1 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 opera<7.54 remote-file-read http://www.greymagic.com/security/advisories/gm008-op/ opera<7.54 www-address-spoof http://secunia.com/advisories/12162/ rsync<2.6.2nb1 remote-file-access http://samba.org/rsync/#security_aug04 lukemftpd-[0-9]* remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc tnftpd<20040810 remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc demime<1.1d denial-of-service http://scifi.squawk.com/demime.html kdelibs<3.2.3nb2 www-session-fixation http://www.kde.org/info/security/advisory-20040823-1.txt fidogate<4.4.9nb1 local-file-write http://sourceforge.net/tracker/index.php?func=detail&aid=1013726&group_id=10739&atid=310739 qt3-libs<3.3.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=0 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=1 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=2 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=3 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=4 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=5 gaim<0.82 denial-of-service http://gaim.sourceforge.net/security/index.php?id=6 zlib<1.2.1nb2 denial-of-service http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html imlib2<1.1.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 mit-krb5<1.3.4nb2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt mit-krb5<1.3.4nb2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt mpg123<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-esound<0.59.18nb2 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-nas<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 heimdal<0.6.3 remote-root-access http://www.pdc.kth.se/heimdal/advisory/2004-09-13/ MozillaFirebird{,-gtk2}{,-bin}<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ mozilla<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-bin<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-gtk2<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ thunderbird<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-bin<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-gtk2<0.8 remote-code-execution http://secunia.com/advisories/12526/ xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 sudo-1.6.8 local-file-read http://www.sudo.ws/sudo/alerts/sudoedit.html apache-2.0.[0-4]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 wv<=1.0.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 apache-2.0.51 weak-acl-enforcement http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31315 apache-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 apache6-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 ImageMagick<6.0.6.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827 ap{2,22}-subversion<1.0.8 metadata-leak http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt squid<2.5.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html gzip-base<1.2.4b remote-code-execution http://www.securityfocus.com/bid/3712 squid<2.5.7 denial-of-service http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities tiff<3.6.1nb4 remote-code-execution http://scary.beasts.org/security/CESA-2004-006.txt tiff<3.6.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 tiff<3.6.1nb4 denial-of-service http://securitytracker.com/id?1011674 ap-ssl<2.8.20 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 sox<12.17.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557 ssmtp<2.61 remote-user-access http://lists.debian.org/debian-security-announce-2004/msg00084.html kdegraphics-3.2.* denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt kdegraphics-3.3.{0,0nb1,1} denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt samba-2.2.[1-9] denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.10 denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.[1-9] remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 samba-2.2.{10,11} remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 ja-samba<2.2.12.0.9.1 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 postgresql-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql73-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql74-server-7.4.[1-5]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 cabextract<1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916 mpg123<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-esound<0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-nas<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 socat<1.4.0.3 privilege-escalation http://www.nosystem.com.ar/advisories/advisory-07.txt ruby-base<1.6.8nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983 gnats<4 privilege-escalation http://www.securityfocus.com/archive/1/326337 mozilla<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ mozilla-bin<1.7.3nb1 local-file-write http://secunia.com/advisories/12956/ mozilla-gtk2<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ MozillaFirebird{,-gtk2}{,-bin}<1.0 local-file-write http://secunia.com/advisories/12956/ firefox<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-bin<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2-bin<1.0 local-file-write http://secunia.com/advisories/12956/ thunderbird<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-gtk2<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-bin<0.8nb1 local-file-write http://secunia.com/advisories/12956/ sudo<1.6.8pl3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051 gnats<4.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961 samba<2.2.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba-3.0.[0-7]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba-3.0.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 ja-samba-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 squirrelmail<1.4.3anb1 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 ja-squirrelmail<1.4.3anb3 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 snownews<1.5 unsafe-umask http://kiza.kcore.de/software/snownews/changes#150 liferea<0.6.2 unsafe-umask http://sourceforge.net/project/shownotes.php?release_id=282434 libxml2<2.6.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 libxml<1.8.17nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 sun-{jre,jdk}13<1.0.12nb1 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 xpdf<3.00pl1 remote-code-execution http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml php-curl<4.3.2 local-file-read http://www.securityfocus.com/bid/11557 jabberd-2.0s[23]* remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd-2.0s4 remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd<1.4.2nb4 denial-of-service http://www.securityfocus.com/archive/1/375955 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 imlib<1.9.15nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 kdelibs<3.3.2nb1 plain-text-password-exposure http://www.kde.org/info/security/advisory-20041209-1.txt kdegraphics<3.3.2 denial-of-service http://www.kde.org/info/security/advisory-20041209-2.txt kdelibs<3.3.2nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt kdebase<3.3.2nb1 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt phpmyadmin-2.6.0-pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.[4-5]* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0-pl* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 namazu<2.0.14 cross-site-scripting http://www.namazu.org/security.html.en {ap-,}php<4.3.10 remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php<4.3.10 local-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* local-code-execution http://www.hardened-php.net/advisories/012004.txt cyrus-imapd-2.2.[4-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-5]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-7]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[7-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd<2.1.18 remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd<2.1.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 ethereal-0.9.* remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html ethereal-0.10.[0-7]{,nb*} remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html tcpdump<3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 tcpdump<3.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 netpbm<9.26 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924 pwlib<1.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 leafnode<1.9.48 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2004-01 lbreakout<2.4beta2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158 ap-python<2.7.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973 logcheck<1.1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404 zope<2.5.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688 flim<1.14.3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422 gnome-vfs<1.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494 cups<1.1.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 openoffice<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 openoffice-linux<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 apache-2.0.51* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server<3.23.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server<3.23.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 cyrus-sasl<2.1.19 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889 cups<1.1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923 apache-2.0.3[5-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.3[5-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2]nb[1-4] weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 openmotif<2.1.30nb3 denial-of-service http://www.ics.com/developers/index.php?cont=xpm_security_alert catdoc<0.91.5-2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 gd<2.0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941 gd<2.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990 ImageMagick<6.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 lesstif<0.94.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xorg-libs<6.8.1nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 XFree86-libs<4.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xpm<3.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 groff<1.19.1nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969 zip<2.3nb3 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010 openssl<0.9.6mnb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975 mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities cscope<15.4nb4 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996 acroread5<5.10 remote-code-execution http://www.adobe.com/support/techdocs/331153.html a2ps<4.13.0.2nb5 unsafe-shell-escape http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 a2ps<4.13.0.2nb7 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023 tiff<3.6.1nb6 buffer-overrun http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities xpdf<3.00pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities xzgv<0.8.0.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994 xine-lib-1rc[2-5]* remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-4 xine-lib<1rc6 remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-5 gpdf<2.8.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 koffice<1.3.5 integer-overflow http://kde.org/areas/koffice/releases/1.3.4-release.php pdfTexinteTexbin=4<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html exim-exiscan<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html vim<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk2<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-kde<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-motif<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-xaw<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 pcal<4.7nb1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289 tnftp<20050103 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/tnftp.txt napshare<1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286 yamt<0.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302 cups-1.1.2[12]* denial-of-service http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042 dillo<0.8.3nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012 tiff<3.6.1nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 hylafax<4.2.1 weak-acl-enforcement http://www.hylafax.org/4.2.1.html teTeX-bin<2.0.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 teTeX-bin<2.0.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 awstats<6.3 local-code-execution http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities ImageMagick<6.1.8.8 remote-code-execution http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities xpdf<3.00pl3 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities cups<1.1.23nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities kdegraphics<3.3.2nb3 remote-code-execution http://www.kde.org/info/security/advisory-20050119-1.txt mysql-client<3.23.58nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.[0-9]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.1[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.2[0-2]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.23 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.[0-8]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 ethereal<0.10.9 denial-of-service http://ethereal.com/appnotes/enpa-sa-00017.html ethereal<0.10.9 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00017.html koffice<1.3.5nb4 remote-code-execution http://www.kde.org/info/security/advisory-20050120-1.txt squid<2.5.7nb5 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_1.txt squid<2.5.7nb6 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094 squid<2.5.7nb7 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2005_2.txt squid<2.5.7nb8 denial-of-service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting unarj<2.65nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947 unarj<2.65nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027 suse{,32}_libtiff<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 suse{,32}_x11<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 webmin<1.160 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559 teTeX-bin<2.0.2nb5 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 sun-{jre,jdk}13<1.0.13 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 evolution12<1.2.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution14<1.4.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution<2.0.3nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 enscript<1.6.3nb1 remote-code-execution http://www.securityfocus.org/advisories/7879 bind-8.4.[4-5]{,nb*} denial-of-service http://www.kb.cert.org/vuls/id/327633 bind-9.3.0 denial-of-service http://www.kb.cert.org/vuls/id/938617 squid<2.5.7nb9 cache-poisoning http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting p5-DBI<1.46nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077 f2c<20001205nb8 local-file-write http://www.debian.org/security/2005/dsa-661 squid<2.5.7nb10 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_3.txt zope25-Silva<0.9.2.8 privilege-escalation http://mail.zope.org/pipermail/zope-announce/2005-February/001653.html postgresql-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql73-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql74-server-7.4.[1-6]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql80-server-8.0.0* privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 python22<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python22-pth<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-pth<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-nth<2.3.4nb2 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24-pth<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ py{15,20,21,22,23,24,25,26,27,31}-xmlrpc<=0.9.8 remote-code-execution http://www.python.org/security/PSF-2005-001/ opera<7.54pl2 remote-code-execution http://secunia.com/advisories/13818/ opera<=7.54pl2 www-address-spoof http://secunia.com/advisories/14154/ firefox{,-bin,-gtk2,-gtk2-bin}<=1.0 www-address-spoof http://secunia.com/advisories/14163/ mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5 www-address-spoof http://secunia.com/advisories/14163/ kdebase<=3.3.2nb1 www-address-spoof http://secunia.com/advisories/14162/ apache-2.0.5[0-2]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 fprot-workstation-bin<4.5.3 local-code-execution http://www.f-secure.com/security/fsc-2005-1.shtml mailman<2.1.4nb3 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202 awstats<=6.3nb3 denial-of-service http://www.securityfocus.com/archive/1/390368 awstats<=6.3nb3 remote-code-execution http://www.securityfocus.com/archive/1/390368 sympa<=4.1.2nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073 bidwatcher<1.3.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158 kdeedu<=3.3.2 privilege-escalation http://www.kde.org/info/security/advisory-20050215-1.txt emacs-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3nb[0-6] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3nb[0-1] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs<20.7nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs-nox11<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xview-lib<3.2.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076 clamav<0.82 denial-of-service http://www.securityfocus.com/bid/12408?ref=rss phpmyadmin<2.6.1pl1 cross-site-scripting http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408 phpmyadmin<2.6.1pl1 privacy-leak http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408 curl<7.12.2nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities curl-7.1{2.3,2.3nb1,3.0} remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=7 gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=8 gaim<1.0.2 buffer-overrun http://gaim.sourceforge.net/security/index.php?id=9 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=10 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=11 gaim<1.1.4 denial-of-service http://gaim.sourceforge.net/security/index.php?id=12 unzip<5.52 privilege-escalation http://www.securityfocus.com/archive/1/391677 kdebase<3.3.2 command-injection http://www.kde.org/info/security/advisory-20050101-1.txt kdebase<3.0.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078 squid<2.5.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 ja-squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 gcpio<2.5nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572 squid<2.5.8 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173 squid<2.5.8 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479 squid<2.5.7nb4 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194 squid<2.5.7nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718 php<3.0.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 php<3.0.19 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 mailman<2.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 ap-python<2.7.9 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 ja-squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 mailman<2.1.5 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143 htdig<3.1.6nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085 postgresql-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql73-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql74-lib<7.4.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql80-lib<8.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 # intagg not installed #postgresql73-lib-7.3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql74-lib-7.4.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql80-lib-8.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 postgresql-lib-7.3.[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql73-lib<7.3.9nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql74-lib<7.4.7nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql80-lib<8.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 gftp<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 gftp-gtk1<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 vim-share<6.3.046 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069 imap-uw<2004b remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198 unace<1.2.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160 unace<1.2.2nb1 no-path-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161 wu-ftpd<2.6.2nb3 denial-of-service http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities cups<1.1.23nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 ImageMagick<6.2.0.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 cyrus-sasl<2.1.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373 kdenetwork<=3.1.5 local-domain-spoofing http://www.kde.org/info/security/advisory-20050228-1.txt realplayer<10.6 remote-code-execution http://service.real.com/help/faq/security/050224_player RealPlayerGold<10.0.2 remote-code-execution http://service.real.com/help/faq/security/050224_player firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing http://www.mozilla.org/security/announce/mfsa2005-16.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak http://www.mozilla.org/security/announce/mfsa2005-19.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing http://www.mozilla.org/security/announce/mfsa2005-23.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html sylpheed<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-claws<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 ethereal<0.10.10 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00018.html xpm<3.4knb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 openmotif<2.1.30nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 lesstif<0.94.0nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 libexif<0.6.11nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server<4.0.24 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.10{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 kdelibs<3.3.2nb8 denial-of-service http://www.kde.org/info/security/advisory-20050316-1.txt kdelibs<3.3.2nb8 domain-name-spoofing http://www.kde.org/info/security/advisory-20050316-2.txt kdelibs<3.3.2nb8 local-file-write http://www.kde.org/info/security/advisory-20050316-3.txt sun-{jre,jdk}14<2.7 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 xli<1.17.0nb2 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638 xli<1.17.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639 xli<1.17.0nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wine>20000000<20050419 insecure-temp-file http://www.securityfocus.com/archive/1/393150/2005-03-14/2005-03-20/0 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 ipsec-tools<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-30.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-31.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-32.html sylpheed<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-claws<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 gnupg<1.4.1 information-leak http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html mit-krb5<1.4nb1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 horde-3.0.[0-3]* cross-site-scripting http://secunia.com/advisories/14730/ gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772 gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773 squid<2.5.9nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626 gtk2+<2.6.4nb1 denial-of-service http://secunia.com/advisories/14775/ gdk-pixbuf<0.22.0nb5 denial-of-service http://secunia.com/advisories/14776/ phpmyadmin<2.6.2rc1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=13 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=14 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=15 xorg-libs<6.8.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 XFree86-libs<=4.5.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 netscape7-[0-9]* privacy-leak http://secunia.com/advisories/14804/ netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/14996/ gsharutils<4.2.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957 sun-{jre,jdk}15-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}14-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 kdelibs-3.4.0{,nb1,nb2} buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 kdelibs<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 gnome-vfs2-cdda-2.10.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2<2.6.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2-cdda<2.8.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs<1.0.5nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 libcdaudio<0.99.12nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gld<1.5 remote-code-execution http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0005.html pine<4.62nb2 local-file-write http://secunia.com/advisories/14899/ openoffice<1.1.4nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-linux<1.1.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-bin<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 postgrey<1.21 denial-of-service http://secunia.com/advisories/14958/ php-exif<4.3.11 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 php-exif<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 cvs<1.11.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 realplayer<10.6 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html RealPlayerGold<10.0.4 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html heimdal<0.6.4 remote-code-execution http://www.pdc.kth.se/heimdal/advisory/2005-04-20/ mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 quanta-3.1.* remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev-3.4.0 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-gtk1}<1.0.2nb1 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-34.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-39.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html gzip-base<1.2.4anb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 gzip-base<1.2.4anb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 xine-lib<1.0nb2 remote-code-execution http://xinehq.de/index.php/security/XSA-2004-8 imp<3.2.8 cross-site-scripting http://secunia.com/advisories/15077/ lsh<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826 lsh<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814 ImageMagick<6.2.2 heap-overflow http://www.overflow.pl/adv/imheapoverflow.txt netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/15103/ ethereal<0.10.10nb1 denial-of-service http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-04/0447.html tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 sqwebmail-[0-9]* cross-site-scripting http://secunia.com/advisories/15119/ php-curl<4.3.11 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 horde<2.2.8 cross-site-scripting http://secunia.com/advisories/14730/ netscape7-[0-9]* remote-code-execution http://www.networksecurity.fi/advisories/netscape-dom.html netscape7-[0-9]* authentication-spoofing http://secunia.com/advisories/15267/ p5-Convert-UUlib<1.05 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349 gnutls<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431 kdewebdev<3.3.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt kdewebdev-3.4.0{,nb1} remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt nasm<0.98.39nb1 remote-code-execution https://bugzilla.redhat.com/beta/show_bug.cgi?id=152963 leafnode<1.11.2 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt ethereal<0.10.11 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00019.html ethereal<0.10.11 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00019.html gaim<1.3.0 buffer-overflow http://gaim.sourceforge.net/security/index.php?id=16 gaim<1.3.0 denial-of-service http://gaim.sourceforge.net/security/index.php?id=17 squid<2.5.9nb11 domain-name-spoofing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html tiff<3.7.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544 bugzilla<2.18.1 information-leak http://www.bugzilla.org/security/2.16.8/ libexif<0.6.12nb1 denial-of-service http://secunia.com/advisories/15259/ maradns<1.0.27 weak-rng-source http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch p5-Net-SSLeay<1.25 file-permissions http://secunia.com/advisories/15207/ evolution<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 postgresql-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql73-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql74-server<7.4.8 privilege-escalation http://www.postgresql.org/about/news.322 postgresql80-server<8.0.3 privilege-escalation http://www.postgresql.org/about/news.322 freeradius<=1.0.2nb1 remote-code-execution http://www.securityfocus.com/bid/13540/ freeradius<=1.0.2nb1 buffer-overflow http://www.securityfocus.com/bid/13541/ mysql-server>=4.1.0<4.1.12 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1636 ImageMagick<6.2.2.3 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-200505-16.xml netscape7-[0-9]* cross-site-scripting http://secunia.com/advisories/15437/ gxine<0.4.5 remote-code-execution http://secunia.com/advisories/15451/ net-snmp<5.1.2nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 net-snmp-5.2.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 gedit<2.10.3 remote-code-execution http://secunia.com/advisories/15454/ squid<2.5.9nb2 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345 qpopper<4.0.6 privilege-escalation http://secunia.com/advisories/15475/ bzip2<1.0.3 denial-of-service http://scary.beasts.org/security/CESA-2005-002.txt openslp<1.2.1 remote-code-execution http://www.securityfocus.com/advisories/8224 mhonarc<2.6.11 cross-site-scripting https://savannah.nongnu.org/bugs/index.php?func=detailitem&item_id=12930 clamav<0.84 osx-privilege-escalation http://www.sentinelchicken.com/advisories/clamav/ ettercap-0.7.2 remote-code-execution http://secunia.com/advisories/15535/ qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 binutils<2.16.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704 kdbg<1.2.9 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0644 mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 http-frame-spoof http://secunia.com/advisories/15601/ mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 dialog-spoofing http://secunia.com/advisories/15489/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 http-frame-spoof http://secunia.com/advisories/15601/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 dialog-spoofing http://secunia.com/advisories/15489/ leafnode<1.11.3 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt xmysqladmin-[0-9]* remote-shell http://www.zataz.net/adviso/xmysqladmin-05292005.txt dbus<0.23.1 local-session-hijacking http://secunia.com/advisories/14119/ gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=18 gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=19 libextractor<0.3.11nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 libextractor<0.4.2 remote-code-execution http://secunia.com/advisories/15651/ tcpdump<3.8.3nb2 denial-of-service http://secunia.com/advisories/15634/ mikmod<3.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427 postfix<2.1.5nb5 linux-unauthorised-mail-relaying http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337 squirrelmail<1.4.4nb1 remote-code-execution http://www.squirrelmail.org/security/issue/2005-06-15 opera<8.01 cross-site-scripting http://secunia.com/advisories/15423/ opera<8.01 remote-security-bypass http://secunia.com/secunia_research/2005-4/advisory/ opera<8.01 cross-site-scripting http://secunia.com/secunia_research/2005-5/advisory/ opera<8.01 dialog-spoofing http://secunia.com/advisories/15488/ sun-{jdk,jre}15<5.0.2 remote-user-access http://secunia.com/advisories/15671/ acroread7<7.0.1 remote-information-exposure http://www.adobe.com/support/techdocs/331710.html acroread7<7.0.1 buffer-overflow http://www.adobe.com/support/techdocs/321644.html p5-razor-agents<2.72 denial-of-service http://secunia.com/advisories/15739/ spamassassin<3.0.4 denial-of-service http://secunia.com/advisories/15704/ heimdal<0.6.5 buffer-overflow http://www.pdc.kth.se/heimdal/advisory/2005-06-20/ trac<0.8.4 remote-code-execution http://secunia.com/advisories/15752/ sudo<1.6.8pl9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993 gcpio<2.6nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 gcpio<2.6nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229 tor<0.0.9.10 information-leak http://archives.seul.org/or/announce/Jun-2005/msg00001.html ruby18-base<1.8.2nb2 remote-security-bypass http://secunia.com/advisories/15767/ ruby1{6,8}-xmlrpc4r<1.7.16nb2 remote-security-bypass http://secunia.com/advisories/15767/ asterisk<1.0.8 remote-code-execution http://www.bindshell.net/voip/advisory-05-013.txt p5-CGI<2.94 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* access-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 realplayer-[0-9]* remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ RealPlayerGold<10.0.5 remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ clamav<0.86.1 denial-of-service http://secunia.com/advisories/15811/ clamav<0.86 denial-of-service http://secunia.com/advisories/15835/ clamav<0.86 denial-of-service http://secunia.com/advisories/15859/ dillo<0.8.5 remote-code-execution http://www.dillo.org/ChangeLog.html p5-Net-Server<0.88 denial-of-service http://www.derkeiler.com/Mailing-Lists/Securiteam/2005-04/0147.html zlib<1.2.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 net-snmp<5.2.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177 bugzilla<2.18.2 information-leak http://www.bugzilla.org/security/2.18.1/ unalz<0.40 buffer-overflow http://www.kipple.pe.kr/win/unalz/ mit-krb5<1.4.2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt mit-krb5<1.4.2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt squirrelmail<1.4.5 remote-file-write http://www.squirrelmail.org/security/issue/2005-07-13 polsms<2.0.2 privilege-escalation http://secunia.com/advisories/16038/ elmo<1.3.2 local-file-write http://secunia.com/advisories/15977/ audit-packages<1.35 no-vulnerability-but-missing-file-format-check-support http://mail-index.netbsd.org/pkgsrc-changes/2005/06/07/0036.html centericq<=4.20.0 local-file-write http://secunia.com/advisories/15913/ phppgadmin<3.5.4 remote-information-exposure http://secunia.com/advisories/15941/ cups<1.1.21rc1 acl-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 cross-site-scripting http://secunia.com/advisories/15549/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 multiple-vulnerabilities http://secunia.com/advisories/16043/ ekg<1.6nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916 ekg<1.6nb2 insecure-temp-files http://www.debian.org/security/2005/dsa-760 ekg<1.6nb2 shell-command-injection http://www.debian.org/security/2005/dsa-760 kdebase-3.[2-3].[0-9]{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt kdebase-3.4.0{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt php<4.3.11nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php<4.3.11nb1 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html fetchmail<6.2.5nb5 remote-user-shell http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt kdenetwork-3.3.* remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt kdenetwork-3.4.{0,0nb*,1} remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt rsnapshot<1.1.7 privilege-escalation http://www.rsnapshot.org/security/2005/001.html zlib<1.2.3 denial-of-service http://secunia.com/advisories/16137/ clamav<0.86.2 denial-of-service http://secunia.com/advisories/16180/ clamav<0.86.2 buffer-overflow http://secunia.com/advisories/16180/ vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<6.3.082 local-code-execution http://secunia.com/advisories/16206/ vim<6.3.082 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368 ethereal<0.10.12 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00020.html ethereal<0.10.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00020.html p5-Compress-Zlib<1.35 denial-of-service http://secunia.com/advisories/16137/ unzip<5.52nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 rsync<2.6.6 null-pointer-dereference http://lists.samba.org/archive/rsync-announce/2005/000032.html msf<2.4nb2 remote-security-bypass http://secunia.com/advisories/16318/ proftpd<1.2.10nb4 format-string http://secunia.com/advisories/16181/ jabberd-2.0s[2-8]{,nb*} buffer-overflows http://secunia.com/advisories/16291/ gopher<3.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853 gaim<1.4.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370 kadu<0.4.1 denial-of-service http://secunia.com/advisories/16238/ opera<8.02 dialog-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405 opera<8.02 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 netpbm<10.28 local-code-execution http://secunia.com/advisories/16184/ acroread5<5.0.11 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 acroread5<5.0.11 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 apache-2.0.[0-4][0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.5[0-3]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.54{,nb[12]} cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 awstats<6.4nb1 remote-command-execution http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities inkscape<0.42 insecure-temp-files http://secunia.com/advisories/16343/ mysql-server<4.0.25 local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server<4.0.25 buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html xpdf<3.00pl3nb1 denial-of-service http://secunia.com/advisories/16374/ kdegraphics-3.3.[0-9]{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.0{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.1 denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt gaim<1.4.0nb2 denial-of-service http://secunia.com/advisories/16379/ gaim<1.4.0nb2 remote-command-execution http://secunia.com/advisories/16379/ cups<1.1.23nb3 denial-of-service http://secunia.com/advisories/16380/ wine>20000000<20050524nb1 insecure-temp-files http://secunia.com/advisories/16352/ wine-20050725 insecure-temp-files http://secunia.com/advisories/16352/ xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1725 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1726 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0665 kdeedu-3.[0-3].* privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt kdeedu-3.4.{0*,1,2} privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass http://www.mozilla.org/security/announce/mfsa2005-46.html netscape7-7.2{,nb*} cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16185/ netscape7-7.2{,nb*} arbitrary-code-execution http://secunia.com/advisories/16044/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16044/ netscape7-7.2{,nb*} local-security-bypass http://secunia.com/advisories/16044/ netscape8<8.0.3.3 local-security-bypass http://secunia.com/advisories/16044/ centericq<4.20.0nb2 denial-of-service http://secunia.com/advisories/16240/ centericq<4.20.0nb2 shell-command-injection http://secunia.com/advisories/16240/ evolution<2.2.2nb2 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html evolution-2.2.3 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html gpdf-2.10.0 denial-of-service http://secunia.com/advisories/16400/ mantis<0.19.2 cross-site-scripting http://secunia.com/advisories/16506/ mantis<0.19.2 sql-injection http://secunia.com/advisories/16506/ elm<2.5.8 remote-user-shell http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0692.html pcre<6.2 arbitrary-code-execution http://secunia.com/advisories/16502/ mplayer<1.0rc7nb2 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt gmplayer<1.0rc7nb1 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt tor<0.1.0.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643 cvs<1.11.20nb2 local-privilege-escalation http://secunia.com/advisories/16553/ apache-2.0.[1-4][0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.5[0-3]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.54{,nb[123]} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 pam-ldap-169{,nb*} authentication-bypass http://secunia.com/advisories/16518/ pam-ldap-17[0-9]{,nb*} authentication-bypass http://secunia.com/advisories/16518/ gnats<4.1.0nb1 local-file-write http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180 apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.5[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.54{,nb[123]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 phpmyadmin<2.6.4rc1 cross-site-scripting http://secunia.com/advisories/16605/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16539/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16600/ ntp<4.2.0nb7 listener-permissions http://secunia.com/advisories/16602/ phpldapadmin<0.9.6cnb4 authentication-bypass http://secunia.com/advisories/16611/ gopher<3.0.11 buffer-overflow http://secunia.com/advisories/16614/ phpldapadmin<0.9.6cnb4 remote-code-execution http://secunia.com/advisories/16617/ php-5.0.[0-3]{,nb*} remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.[0-3]{,nb*} remote-command-execution http://www.hardened-php.net/advisory_142005.66.html php-5.0.4 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.4 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html gnumeric<1.2.13nb3 arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.[0-2]{,nb*} arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.3 arbitrary-code-execution http://secunia.com/advisories/16584/ apache-2.0.[1-4][0-9]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.5[0-3]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.54{,nb[1234]} weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 ap-ssl<2.8.24 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 nikto<1.35nb1 cross-site-scripting http://secunia.com/advisories/16669/ kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.[01]{,nb*} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.2{,nb1} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794 squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796 gg2<2.2.8 denial-of-service http://secunia.com/advisories/16241/ gg2<2.2.8 remote-command-execution http://secunia.com/advisories/16241/ openttd<0.4.0.1nb1 denial-of-service http://secunia.com/advisories/16696/ openttd<0.4.0.1nb1 remote-command-execution http://secunia.com/advisories/16696/ freeradius<1.0.5 sql-injection http://www.freeradius.org/security.html freeradius<1.0.5 denial-of-service http://www.freeradius.org/security.html gcvs<1.0nb2 local-privilege-escalation http://secunia.com/advisories/16553/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ sqwebmail<5.0.4nb2 cross-site-scripting http://secunia.com/advisories/16704/ silc-server<1.0nb1 local-privilege-escalation http://secunia.com/advisories/16659/ chmlib<0.36 remote-command-execution http://morte.jedrea.com/~jedwin/projects/chmlib/ chmlib<0.36 buffer-overflow http://morte.jedrea.com/~jedwin/projects/chmlib/ snort<2.4.0nb1 denial-of-service http://marc.theaimsgroup.com/?l=vuln-dev&m=112655297606335&w=2 xchat<2.4.5 unspecified http://www.xchat.org/ imake>=3<4.4.0nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc xorg-imake<6.8.2nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc clamav<0.87 buffer-overflow http://secunia.com/advisories/16848/ clamav<0.87 denial-of-service http://secunia.com/advisories/16848/ gtexinfo<4.8nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 rdiff-backup<1.0.1 information-disclosure http://secunia.com/advisories/16774/ arc<5.21enb2 insecure-temp-files http://www.zataz.net/adviso/arc-09052005.txt zebedee<2.5.3 denial-of-service http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055 openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798 python24<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python24-pth<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python23<2.3.5nb3 buffer-overflow http://secunia.com/advisories/16793/ python23-pth<2.3.5nb1 buffer-overflow http://secunia.com/advisories/16793/ python23-nth<2.3.5nb2 buffer-overflow http://secunia.com/advisories/16793/ python22<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ python22-pth<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ xorg-libs<6.8.2nb2 buffer-overflow http://secunia.com/advisories/16790/ XFree86-libs<4.4.0nb4 buffer-overflow http://secunia.com/advisories/16777/ mit-krb5<1.8.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 pam-ldap<180 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 nss_ldap<240 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 opera<8.50 cross-site-scripting http://secunia.com/advisories/16645/ opera<8.50 file-spoofing http://secunia.com/advisories/16645/ bacula<1.36.3nb1 insecure-temp-files http://secunia.com/advisories/16866/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.frsirt.com/english/advisories/2005/1794 ruby16-base<1.6.8nb2 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html ruby18-base<1.8.2nb4 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html hylafax<4.2.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069 hylafax<4.2.1nb1 insecure-socket http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070 p7zip<4.27 remote-code-execution http://secunia.com/advisories/16664/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa200 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-58.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-58.html #poppassd-4.[0-9]* local-privilege-escalation http://secunia.com/advisories/16935/ abiword<2.2.10 buffer-overflow http://www.abisource.com/changelogs/2.2.10.phtml eric3<3.7.2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068 {ap-,}php<4.4.0nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 uim<0.4.9.1 privilege-escalation http://lists.freedesktop.org/archives/uim/2005-September/001346.html netscape7-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/16944/ thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities http://www.mozilla.org/security/announce/mfsa2005-58.html thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html squid<2.5.10nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917 mpeg_encode<1.5bnb3 privilege-escalation http://secunia.com/advisories/17008/ weex<2.6.1nb1 local-code-execution http://secunia.com/advisories/17028/ apachetop<0.12.5nb1 insecure-temp-files http://www.zataz.net/adviso/apachetop-09022005.txt blender<2.37anb2 local-code-execution http://secunia.com/advisories/17013/ blender-2.41 local-code-execution http://secunia.com/advisories/17013/ bugzilla<2.18.4 information-leak http://www.bugzilla.org/security/2.18.4/ imap-uw<2004enb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 openssl<0.9.7h information-leak http://www.openssl.org/news/secadv_20051011.txt koffice<1.4.2 local-code-execution http://www.kde.org/info/security/advisory-20051011-1.txt phpmyadmin<2.6.4pl2 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4 xine-lib<1.0.3 remote-users-shell http://xinehq.de/index.php/security/XSA-2005-1 unrar<3.5.4 remote-code-execution http://www.rarlabs.com/rarnew.htm curl<7.15.0 remote-code-execution http://curl.haxx.se/mail/lib-2005-10/0061.html wget-1.10 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html wget-1.10.1 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html abiword<2.4.1 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-006.txt clamav<0.87.1 denial-of-service http://secunia.com/advisories/17184/ clamav<0.87.1 denial-of-service http://secunia.com/advisories/17434/ clamav<0.87.1 remote-code-execution http://www.zerodayinitiative.com/advisories/ZDI-05-002.html lynx<2.8.5.3 remote-users-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 snort-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-mysql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-pgsql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ graphviz<2.6 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965 squid<2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258 ethereal<0.10.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00021.html sudo<1.6.8pl9nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2959 chmlib<0.37.3 remote-code-execution http://66.93.236.84/~jedwin/projects/chmlib/ mantis<1.0.0rc3 sql-injection http://secunia.com/advisories/16818/ phpmyadmin<2.6.4pl3 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5 netpbm<10.25 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 xli<1.17.0nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wget<1.10 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 wget<1.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488 wget-1.9{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 wget-1.9.1{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.77.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.77.html openvpn<2.0.3 denial-of-service http://secunia.com/advisories/17376/ openvpn<2.0.3 remote-code-execution http://secunia.com/advisories/17376/ ethereal<0.10.13nb1 denial-of-service http://secunia.com/advisories/17370/ chmlib<0.36 remote-code-execution http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true fetchmailconf<6.2.5nb3 insecure-file-permissions http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt skype<1.2.0.18 remote-code-execution http://secunia.com/advisories/17305/ python21<2.1.3nb8 remote-code-execution http://secunia.com/advisories/16914/ python21-pth<2.1.3nb7 remote-code-execution http://secunia.com/advisories/16914/ rsaref<2.0p3 buffer-overrun http://www.cert.org/advisories/CA-1999-15.html libgda<1.2.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958 libwww<5.4.0nb4 denial-of-service http://secunia.com/advisories/17119/ zope-2.6.[0-9]* remote-code-execution http://secunia.com/advisories/17173/ openvmps<=1.3 remote-code-execution http://www.security.nnov.ru/Jdocument889.html libungif<4.1.3nb3 denial-of-service http://secunia.com/advisories/17436/ libungif<4.1.3nb3 remote-code-execution http://secunia.com/advisories/17436/ {ns,moz-bin,firefox-bin}-flash<7.0.25 remote-code-execution http://secunia.com/advisories/17430/ sudo<1.6.8pl9nb2 privilege-escalation http://www.sudo.ws/sudo/alerts/perl_env.html emacs-21.2.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232 sylpheed<2.0.4 local-code-execution http://secunia.com/advisories/17492/ spamassassin<3.0.4nb2 denial-of-service http://secunia.com/advisories/17386/ sylpheed-2.1.[0-5]* local-code-execution http://secunia.com/advisories/17492/ phpmyadmin<2.6.4pl4 http-header-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6 opera<8.51 remote-user-shell http://secunia.com/advisories/16907/ opera<8.51 remote-user-shell http://secunia.com/advisories/17437/ ipsec-tools<0.6.3 denial-of-service http://secunia.com/advisories/17668/ horde-3.0.[0-6]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759 horde<2.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570 micq<0.4.10.4 denial-of-service http://www.micq.org/news.shtml.en gtk2+<2.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+-2.8.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+<2.6.10nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gdk-pixbuf<0.22.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 acid-[0-9]* cross-site-scripting http://secunia.com/advisories/17552/ acid-[0-9]* sql-injection http://secunia.com/advisories/17552/ thttpd<2.25bnb4 insecure-temp-files http://secunia.com/advisories/17454/ rar-linux<3.5.1 format-string http://secunia.com/advisories/17524/ rar-linux<3.5.1 buffer-overflow http://secunia.com/advisories/17524/ gaim-encryption<2.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693 mailman<2.1.6nb1 denial-of-service http://secunia.com/advisories/17511/ ghostscript-afpl<8.51nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp-nox11<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu-nox11<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-nox11<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ suse{,32}_gtk2<9.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 sun-{jre,jdk}13<1.0.16 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}14<2.9 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}15<5.0.4 local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 fastjar<0.93nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 inkscape-0.4[1-2]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737 webmin<1.170nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 webmin<1.170nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 unalz<0.53 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862 kadu<0.4.2 denial-of-service http://secunia.com/advisories/17764/ centericq<4.20.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 centericq-4.21.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 xpdf<3.01pl1nb2 buffer-overflow http://secunia.com/advisories/17897/ kdegraphics<3.4.2nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt kdegraphics-3.4.3 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice<1.4.1nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice-1.4.2{,nb1} buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt Ffmpeg<0.4.9pre1 buffer-overflow http://secunia.com/advisories/17892/ horde<3.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080 phpmyadmin<2.7.0 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8 phpmyadmin<2.7.0pl1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9 curl<7.15.1 unknown http://www.hardened-php.net/advisory_242005.109.html php<4.4.1 cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php-5.0.[0-5]{,nb1} cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php<4.4.1 global-variables http://www.hardened-php.net/advisory_192005.78.html php-5.0.[0-5]{,nb1} global-variables http://www.hardened-php.net/advisory_192005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]{,nb1} remote-code-execution http://www.hardened-php.net/advisory_202005.79.html ethereal<0.10.13nb2 remote-code-execution http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities mplayer<1.0rc7nb6 buffer-overflow http://secunia.com/advisories/17892/ gmplayer<1.0rc7nb4 buffer-overflow http://secunia.com/advisories/17892/ mencoder<1.0rc7nb2 buffer-overflow http://secunia.com/advisories/17892/ gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 dropbear<0.46nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-4178 mantis<1.0.0rc4 cross-site-scripting http://secunia.com/advisories/18181/ horde-3.0.[0-7]* cross-site-scripting http://secunia.com/advisories/17970/ turba<2.0.5 cross-site-scripting http://secunia.com/advisories/17968/ apache-2.0.[1-4][0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.5[0-4]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.55{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache<1.3.34nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 cups<1.1.23nb4 arbitrary-code-execution http://secunia.com/advisories/17976/ opera<8.02 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407 opera<8.51 denial-of-service http://secunia.com/advisories/17963/ libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 trac<0.9.2 sql-injection http://projects.edgewall.com/trac/wiki/ChangeLog perl<5.8.7nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 sun-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}14-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}15-* denial-of-service http://secunia.com/advisories/17478/ blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba blackdown-{jre,jdk}13-* privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 blackdown-{jre,jdk}13-* local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ fetchmail<6.2.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-4348 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 bugzilla<2.20 insecure-temp-files http://secunia.com/advisories/18218/ scponly<4.0 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml scponly<4.2 privilege-escalation http://www.sublimation.org/scponly/ scponly<4.2 arbitrary-command-execution http://www.sublimation.org/scponly/ ethereal<0.10.14 denial-of-service http://secunia.com/advisories/18229/ kdegraphics<3.5.0nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt koffice<1.4.2nb4 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt openmotif<2.2.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964 mantis<1.0.0rc4nb2 sql-injection http://secunia.com/advisories/18254/ mantis<1.0.0rc4nb2 information-disclosure http://secunia.com/advisories/18254/ adodb<4.70 sql-injection http://secunia.com/advisories/17418/ adodb<4.70 information-disclosure http://secunia.com/advisories/17418/ poppler<0.4.4 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-003.txt ytalk<3.2.0 denial-of-service http://www.impul.se/ytalk/ChangeLog trac<0.9.3 cross-site-scripting http://secunia.com/advisories/18048/ blender<2.37nb3 denial-of-service http://secunia.com/advisories/18176/ blender>=2.38<2.40 denial-of-service http://secunia.com/advisories/18176/ gcpio<2.6nb2 denial-of-service http://secunia.com/advisories/18251/ gcpio<2.6nb2 arbitrary-code-execution http://secunia.com/advisories/18251/ rxvt-unicode<6.3 local-privilege-escalation http://secunia.com/advisories/18301/ pine<4.64 buffer-overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=313 clamav<0.88 heap-overflow http://secunia.com/advisories/18379/ bitlbee<1.0 denial-of-service http://get.bitlbee.org/devel/CHANGES hylafax-4.2.3{,nb*} privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[0-3]{,nb*} local-privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[2-3]{,nb*} local-command-execution http://secunia.com/advisories/18314/ ap-auth-ldap<1.6.1 arbitrary-code-execution http://secunia.com/advisories/18382/ sudo<1.6.8pl12nb1 privilege-escalation http://secunia.com/advisories/18358/ wine>20000000<20060000 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 wine<0.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 tor<=0.1.1.12-alpha information-disclosure http://archives.seul.org/or/announce/Jan-2006/msg00001.html mantis<1.0.0rc5 cross-site-scripting http://secunia.com/advisories/18434/ tuxpaint<0.9.14nb6 insecure-temp-file http://secunia.com/advisories/18475/ kdelibs<3.5.0nb2 buffer-overflow http://www.kde.org/info/security/advisory-20060119-1.txt php-5.0.[0-9]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php5-mysqli>=5.1.0<5.1.2 arbitrary-code-execution http://secunia.com/advisories/18431/ php-5.0.[0-9]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ vmware<5.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459 xpdf<3.01pl2 denial-of-service http://secunia.com/advisories/18303/ xpdf<3.01pl2 arbitrary-code-execution http://secunia.com/advisories/18303/ cups<1.1.23nb8 denial-of-service http://secunia.com/advisories/18332/ cups<1.1.23nb8 arbitrary-code-execution http://secunia.com/advisories/18332/ antiword<0.37nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126 sun-{jdk,jre}15<5.0.4 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}14<2.9 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}13<1.0.16 arbitrary-code-execution http://secunia.com/advisories/17748/ mailman-2.1.[4-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153 teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/18329/ apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.5[0-4]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.55{,nb[1234]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 mod-auth-pgsql-[0-9]* format-string http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3656 xine-lib<1.0.3anb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 xine-lib<1.0.3anb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 mydns-{mysql,pgsql}<1.1.0 denial-of-service http://secunia.com/advisories/18532/ adodb<4.71 sql-injection http://secunia.com/advisories/18575/ ImageMagick<6.2.6.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601 ImageMagick<6.2.6.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082 libast<0.6.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224 png-1.2.[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 png-1.0.1[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 p5-Mail-Audit<1.21nb2 privilege-escalation http://secunia.com/advisories/18656/ kdegraphics<3.5.0nb2 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt kdegraphics-3.5.1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt heimdal<0.7.2 privilege-escalation http://www.pdc.kth.se/heimdal/advisory/2006-02-06/ firefox{,-bin,-gtk1}-1.5 remote-code-execution http://www.mozilla.org/security/announce/mfsa2006-04.html libtool-base<1.5.18nb7 insecure-temp-files http://lists.gnu.org/archive/html/libtool/2005-12/msg00076.html php>=5<5.1.0 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 php<4.4.2 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 gnutls<1.2.10 denial-of-service http://secunia.com/advisories/18794/ gnutls-1.3.[0-3]{,nb*} denial-of-service http://secunia.com/advisories/18794/ libtasn1<0.2.18 denial-of-service http://secunia.com/advisories/18794/ sun-{jdk,jre}15<5.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}14<2.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}13<1.0.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18762/ adzap<20060129 denial-of-service http://secunia.com/advisories/18771/ pam-mysql<0.6.2 arbitrary-code-execution http://secunia.com/advisories/18598/ exim<3.36nb6 arbitrary-code-execution http://secunia.com/advisories/16502/ exim>=4.0<4.53 arbitrary-code-execution http://secunia.com/advisories/16502/ noweb<2.9anb3 insecure-temp-files http://secunia.com/advisories/18809/ honeyd<1.0nb2 remote-information-exposure http://www.honeyd.org/adv.2006-01 honeyd>=1.1<1.5 remote-information-exposure http://www.honeyd.org/adv.2006-01 lighttpd<1.4.9 remote-information-exposure http://secunia.com/product/4661/ gnupg<1.4.2.1 verification-bypass http://secunia.com/advisories/18845/ dovecot>0.99.99<1.0beta3 denial-of-service http://secunia.com/advisories/18870/ tin<1.8.1 buffer-overflow ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES opera<8.52 www-address-spoof http://secunia.com/advisories/17571/ bugzilla<2.20.1 sql-injection http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 cross-site-scripting http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 information-exposure http://www.securityfocus.com/archive/1/425584/30/0/threaded postgresql73-server<7.3.14 denial-of-service http://secunia.com/advisories/18890/ postgresql74-server<7.4.12 denial-of-service http://secunia.com/advisories/18890/ postgresql80-server<8.0.7 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 privilege-escalation http://secunia.com/advisories/18890/ bomberclone<0.11.6nb3 remote-code-execution http://secunia.com/advisories/18914/ libextractor<0.5.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624 snort<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-mysql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-pgsql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 monotone<0.25.2 remote-code-execution http://venge.net/monotone/NEWS gnupg<1.4.2.2 incorrect-signature-verification http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html p5-Crypt-CBC<2.17 weak-encryption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898 namazu<2.0.16 directory-traversal http://www.namazu.org/security.html.en#dir-traversal base<1.2.2 sql-injection http://sourceforge.net/forum/forum.php?forum_id=529375 drupal<4.6.6 security-bypass http://drupal.org/files/sa-2006-001/advisory.txt drupal<4.6.6 cross-site-scripting http://drupal.org/files/sa-2006-002/advisory.txt drupal<4.6.6 session-fixation http://drupal.org/files/sa-2006-003/advisory.txt drupal<4.6.6 mail-header-injection http://drupal.org/files/sa-2006-004/advisory.txt horde<3.1 information-disclosure http://secunia.com/advisories/19246/ curl-7.15.[0-2]{,nb*} buffer-overflow http://curl.haxx.se/docs/adv_20060320.html xorg-server>=6.9.0<6.9.0nb7 privilege-escalation http://lists.freedesktop.org/archives/xorg/2006-March/013992.html xorg-server>=6.9.0<6.9.0nb7 denial-of-service http://lists.freedesktop.org/archives/xorg/2006-March/013992.html freeradius<1.1.1 denial-of-service http://secunia.com/advisories/19300/ sendmail>=8.13<8.13.5nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 sendmail<8.12.11nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 phpmyadmin<2.8.0.2 cross-site-scripting http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 horde>=3.0<3.1.1 remote-code-execution http://lists.horde.org/archives/announce/2006/000271.html {ns,moz-bin,firefox-bin}-flash<7.0.63 remote-code-execution http://www.us-cert.gov/cas/techalerts/TA06-075A.html RealPlayerGold<10.0.7 remote-code-execution http://service.real.com/realplayer/security/03162006_player/en/ p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279 p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280 samba<3.0.22 insecure-log-files http://www.samba.org/samba/security/CAN-2006-1059.html dia>=0.87<0.94nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 mantis<1.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577 mysql-server>=3.0<4.1.20 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 mysql-server>=5.0<5.0.20nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 php>=5.0<5.1.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 php<4.4.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php>=5.0<5.1.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php<4.4.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 freeciv-server<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047 lsh<1.4.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh<1.4.3nb4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 clamav<0.88.1 denial-of-service http://secunia.com/advisories/19534/ clamav<0.88.1 remote-code-execution http://secunia.com/advisories/19534/ phpmyadmin<2.8.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1 mailman<2.1.8rc1 cross-site-scripting http://secunia.com/advisories/19558/ mplayer<1.0rc7nb10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 gmplayer<1.0rc7nb6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 mencoder<1.0rc7nb4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 xscreensaver<4.16 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294 xscreensaver<4.16 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 php>=5.0<5.1.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php<4.4.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php>=5.0<5.1.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php<4.4.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html seamonkey{,-bin,-gtk1}<1.0.1 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html phpmyadmin<2.8.0.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 amaya<9.5 remote-code-execution http://secunia.com/advisories/19670/ cy2-digestmd5<2.1.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721 xzgv<0.8.0.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060 xine-ui<0.99.2nb5 remote-code-execution http://secunia.com/advisories/19671/ xine-ui-0.99.4{,nb1} remote-code-execution http://secunia.com/advisories/19671/ ethereal<0.99.0 remote-code-execution http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html trac<0.9.5 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ ja-trac<0.9.5.1 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ i2cbd<2.0_BETA3 denial-of-service http://www.draga.com/~jwise/i2cb/ adodb<4.72 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806 squirrelmail<1.4.6 cross-site-scripting http://secunia.com/advisories/18985/ squirrelmail<1.4.6 imap-injection http://secunia.com/advisories/18985/ unrealircd<3.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214 firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 firefox-bin>=1.5<1.5.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 clamav<0.88.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989 asterisk<1.2.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827 cgiirc<0.5.8 remote-code-execution http://secunia.com/advisories/19922/ miredo<0.8.2 security-bypass http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en xorg-server>=6.8.0<6.9.0nb10 remote-code-execution http://lists.freedesktop.org/archives/xorg/2006-May/015136.html nagios-base<2.3 remote-code-execution https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890 i2cbd<=2.0_BETA4 denial-of-service http://www.draga.com/~jwise/i2cb/ crossfire-server<1.9.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236 dovecot>0.99.99<1.0beta8 remote-file-listing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414 php<4.4.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991 php>=5.1<5.1.4 unknown http://secunia.com/advisories/19927/ phpldapadmin<0.9.8.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518 nagios-base<2.3.1 remote-code-execution http://secunia.com/advisories/20123/ quagga<0.98.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga>0.99<0.99.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 zebra-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga<0.98.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga>0.99<0.99.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 zebra-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga<0.98.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 quagga>0.99<0.99.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 zebra-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120 xine-lib<1.0.3anb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 awstats<6.6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945 awstats<6.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237 quake3arena<1.32c remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3arena<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875 abcmidi<2006-04-22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514 openldap<2.3.22 buffer-overflow http://secunia.com/advisories/20126/ libextractor<0.5.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458 freetype2<2.1.10nb3 remote-code-execution http://secunia.com/advisories/20100/ dia<0.95.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480 cscope<15.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541 binutils<2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362 firefox{,-bin,-gtk1}<1.5.0.5 information-exposure http://secunia.com/advisories/20244/ mozilla{,-bin,-gtk2}-[0-9]* information-exposure http://secunia.com/advisories/20256/ netscape7-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942 netscape7-[0-9]* information-exposure http://secunia.com/advisories/20255/ postgresql73-server<7.3.15 sql-injection http://secunia.com/advisories/20231/ postgresql74-server<7.4.13 sql-injection http://secunia.com/advisories/20231/ postgresql80-server<8.0.8 sql-injection http://secunia.com/advisories/20231/ postgresql81-server<8.1.4 sql-injection http://secunia.com/advisories/20231/ drupal<4.6.7 sql-injection http://drupal.org/files/sa-2006-005/advisory.txt drupal<4.6.7 arbitrary-code-execution http://drupal.org/files/sa-2006-006/advisory.txt mpg123<0.59.18nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-esound<0.59.18nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-nas<0.59.18nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 tor<0.1.1.20 multiple-vulnerabilities http://secunia.com/advisories/20277/ awstats<6.6nb1 security-bypass http://secunia.com/advisories/20164/ drupal-4.7.[0-1]* arbitrary-code-execution http://drupal.org/node/66763 drupal-4.7.[0-1]* cross-site-scripting http://drupal.org/node/66767 drupal<4.6.8 arbitrary-code-execution http://drupal.org/node/66763 drupal<4.6.8 cross-site-scripting http://drupal.org/node/66767 firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-36.html firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html {ja-,}squirrelmail<1.4.6nb3 remote-file-read http://www.squirrelmail.org/security/issue/2006-06-01 snort{,-mysql,-pgsql}<2.4.5 security-bypass http://secunia.com/advisories/20413/ mysql-server>=4.0<4.1.20 sql-injection http://secunia.com/advisories/20365/ mysql-server>=5.0<5.0.22 sql-injection http://secunia.com/advisories/20365/ base<1.2.5 remote-file-read http://secunia.com/advisories/20300/ asterisk<1.2.9.1 denial-of-service http://www.asterisk.org/node/95 spamassassin<3.1.3 arbitrary-code-execution http://secunia.com/advisories/20430/ tiff<3.8.2nb2 arbitrary-code-execution http://secunia.com/advisories/20488/ firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 netscape7-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 courier-mta<0.53.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659 gdm<2.8.0.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 gdm>=2.14<2.14.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 sge<6.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408 sge<6.0.8 security-bypass http://secunia.com/advisories/20518/ 0verkill<0.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971 php<4.4.2 arbitrary-code-execution http://pear.php.net/advisory-20051104.txt pear-5.0.[0-9]* arbitrary-code-execution http://pear.php.net/advisory-20051104.txt kadu<0.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768 irssi<0.8.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458 crossfire-server<1.9.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 crossfire-server<1.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 dropbear<0.48 arbitrary-code-execution http://secunia.com/advisories/18964/ p5-libapreq2<2.07 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999 jabberd>=2<2.0s11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329 unalz<0.55 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950 ap{2,22}-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095 zoo<2.10.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269 sylpheed<2.2.6 security-bypass http://secunia.com/advisories/20577/ kiax<0.8.51 remote-code-execution http://secunia.com/advisories/20567/ acroread7<7.0.8 unknown http://www.adobe.com/support/techdocs/327817.html sendmail<8.12.11nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 sendmail>=8.13<8.13.6nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 gd<2.0.33nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906 arts<1.5.1nb2 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt arts>=1.5.2<1.5.3nb1 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt kdebase<3.5.1nb4 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt kdebase>=3.5.2<3.5.3nb1 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt horde>=3.0<3.1.1nb2 cross-site-scripting http://secunia.com/advisories/20661/ mutt<1.4.2.1nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 mutt>=1.5<1.5.11nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 chmlib<0.38 remote-file-write http://secunia.com/advisories/20734/ netpbm<10.34 denial-of-service http://secunia.com/advisories/20729/ gnupg<1.4.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 gnupg-devel<1.9.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 opera<9.0 remote-code-execution http://secunia.com/advisories/20787/ opera<9.0 ssl-cert-spoofing http://secunia.com/secunia_research/2006-49/advisory/ php<4.4.2nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 php>=5.0<5.1.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 emech<3.0.2 denial-of-service http://secunia.com/advisories/20805/ hashcash<1.21 denial-of-service http://secunia.com/advisories/20800/ gftp<2.0.18nb5 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup gftp<2.0.18nb4 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup xine-lib<1.0.3anb10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 php4-curl<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 php5-curl<5.1.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 png<1.2.12 arbitrary-code-execution http://www.securityfocus.com/bid/18698 openoffice2{,-bin}<2.0.3 security-bypass http://www.openoffice.org/security/CVE-2006-2199.html openoffice2{,-bin}<2.0.3 arbitrary-code-execution http://www.openoffice.org/security/CVE-2006-2198.html openoffice2{,-bin}<2.0.3 buffer-overflow http://www.openoffice.org/security/CVE-2006-3117.html geeklog<1.4.0.3nb2 remote-code-execution http://secunia.com/advisories/20886/ webmin<1.290 remote-information-exposure http://secunia.com/advisories/20892/ phpmyadmin<2.8.1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804 phpmyadmin<2.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 samba<3.0.22nb2 denial-of-service http://www.samba.org/samba/security/CAN-2006-3403.html trac<0.9.6 cross-site-scripting http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 cross-site-scripting http://secunia.com/advisories/20958/ trac<0.9.6 remote-information-exposure http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 remote-information-exposure http://secunia.com/advisories/20958/ {ja-,}squirrelmail<1.4.7 remote-information-exposure http://www.securityfocus.com/bid/17005 geeklog<1.4.0.5 cross-site-scripting http://secunia.com/advisories/21094/ hyperestraier>=0.5.0<1.3.3 cross-site-request-forgeries http://secunia.com/advisories/21049/ ruby18-base<1.8.4nb4 security-bypass http://secunia.com/advisories/21009/ gimp>=2<2.2.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 gimp>=2.3.0<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 asterisk<1.2.10 denial-of-service http://secunia.com/advisories/21071/ horde>=3.0<3.1.2 cross-site-scripting http://secunia.com/advisories/20954/ zoo<2.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855 apache-tomcat>=5.5.0<5.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 pngcrush<1.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 ethereal-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627 x11vnc<0.8.2 remote-authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450 wv2<0.2.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 apache<1.3.35 cross-site-scripting http://secunia.com/advisories/21172/ apache>2.0<2.0.58 cross-site-scripting http://secunia.com/advisories/21172/ freeciv-server-2.0.[0-8]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913 libmikmod-3.2.2 arbitrary-code-execution http://secunia.com/advisories/21196/ p5-Net-Server<0.88 denial-of-service http://secunia.com/advisories/21149/ firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html apache<1.3.37 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 apache>2.0<2.0.59 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 postfix>=2.2.0<2.2.11 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/08/01/0000.html postfix>=2.3.0<2.3.1 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/07/25/0002.html gnupg<1.4.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746 suse{,32}_libtiff<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0001.html suse{,32}_freetype2<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server>5.0<5.0.25 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.25 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 mysql-server>5.0<5.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 mysql-server>5.0<5.0.40 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 mysql-server<4.1.22nb1 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 tiff<3.8.2nb3 multiple-vulnerabilities http://secunia.com/advisories/21304/ drupal<4.6.9 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt drupal<4.7.3 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt cfs<1.4.1nb6 denial-of-service http://secunia.com/advisories/21310/ hobbit<4.0b6nb10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003 sge-5.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941 php>4.0<4.4.3 remote-unknown http://secunia.com/advisories/21328/ clamav<0.88.4 remote-code-execution http://secunia.com/advisories/21374/ php>4.0<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 php>5.0<5.1.4nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 lesstif>=0.78<=0.85.3 privilege-escalation http://secunia.com/advisories/21428/ mit-krb5<1.4.2nb3 privilege-escalation http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt heimdal<0.7.2nb3 privilege-escalation http://secunia.com/advisories/21436/ bomberclone<0.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005 bomberclone<0.11.7 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006 {ja-,}squirrelmail<1.4.8 remote-information-exposure http://secunia.com/advisories/21354/ {ja-,}squirrelmail<1.4.8 remote-data-manipulation http://secunia.com/advisories/21354/ ImageMagick<6.2.9.0 arbitrary-code-execution http://secunia.com/advisories/21462/ horde<3.1.3 cross-site-scripting http://secunia.com/advisories/21500/ imp<4.1.3 cross-site-scripting http://secunia.com/advisories/21533/ miredo<0.9.7 denial-of-service http://www.simphalempin.com/dev/miredo/mtfl-sa-0603.shtml.en miredo<0.9.8 unknown http://mail-index.netbsd.org/pkgsrc-changes/2006/08/15/0026.html php<4.4.4 multiple-vulnerabilities http://secunia.com/advisories/21546/ php>5.0<5.1.5 multiple-vulnerabilities http://secunia.com/advisories/21546/ binutils<2.17 arbitrary-code-execution http://secunia.com/advisories/21508/ libwmf<0.2.8.4nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 honeyd<1.5b denial-of-service http://secunia.com/advisories/21591/ XFree86-libs<4.4.0nb8 arbitrary-code-execution http://secunia.com/advisories/21446/ xorg-libs<6.9.0nb7 arbitrary-code-execution http://secunia.com/advisories/21450/ xorg-server<6.9.0nb12 arbitrary-code-execution http://secunia.com/advisories/21450/ libtunepimp<0.4.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 mplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 gmplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 mencoder<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 freetype2<2.2.1nb2 arbitrary-code-execution http://secunia.com/advisories/21450/ wireshark<0.99.3 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ethereal>=0.7.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ImageMagick<6.2.9.1 arbitrary-code-execution http://secunia.com/advisories/21615/ asterisk<1.2.11 remote-code-execution http://secunia.com/advisories/21600/ cscope<15.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262 streamripper<1.61.26 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124 sendmail>8.13<8.13.8 denial-of-service http://secunia.com/advisories/21637/ musicbrainz<2.1.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197 cube-[0-9]* denial-of-service http://aluigi.altervista.org/adv/evilcube-adv.txt cube-[0-9]* remote-code-execution http://aluigi.altervista.org/adv/evilcube-adv.txt zope25-CMFPlone>2.0<2.5 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711 tor<0.1.1.23 denial-of-service http://secunia.com/advisories/21708/ tor<0.1.1.23 bypass-security-restrictions http://secunia.com/advisories/21708/ gtetrinet<0.7.7nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125 openoffice2{,-bin}<2.0.2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 webmin<1.296 cross-site-scripting http://secunia.com/advisories/21690/ webmin<1.296 remote-information-disclosure http://secunia.com/advisories/21690/ gdb>6<6.2.1nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 gtar-base<1.15.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 gtar-base<1.15.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 openldap-server<2.3.25 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 openldap<2.3.25 bypass-security-restrictions http://secunia.com/advisories/21721/ mailman<2.1.9rc1 denial-of-service http://secunia.com/advisories/21732/ mailman<2.1.9rc1 cross-site-scripting http://secunia.com/advisories/21732/ sendmail<8.12.11nb4 denial-of-service http://secunia.com/advisories/21637/ bind>9.3<9.3.2nb2 denial-of-service http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en openssl<0.9.7inb2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 xorg-clients<6.9.0nb9 privilege-escalation http://secunia.com/advisories/21650/ xorg-libs<6.9.0nb10 privilege-escalation http://secunia.com/advisories/21650/ xorg-server<6.9.0nb13 privilege-escalation http://secunia.com/advisories/21650/ firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html thunderbird{,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html firefox-bin<1.5.0.7 auto-update-spoof http://www.mozilla.org/security/announce/2006/mfsa2006-58.html firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html thunderbird{,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-62.html thunderbird{,-gtk1}<1.5.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html {firefox-bin,moz-bin,ns}-flash<7.0.68 remote-code-execution http://www.adobe.com/support/security/bulletins/apsb06-11.html XFree86-libs<4.4.0nb9 arbitrary-code-execution http://secunia.com/advisories/21890/ gnutls<1.4.4 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 cabextract<1.2 buffer-overflow http://www.kyz.uklinux.net/cabextract.php openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/ openssl<0.9.7inb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2006-4343 opera<9.02 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 opera<9.02 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819 wireshark<0.99.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-01.html wireshark<0.99.2 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2006-01.html phpmyadmin<2.9.0.1 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5 ffmpeg-0.4.* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mono<1.1.13.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072 php-4.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php-5.[01]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php<4.3.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php>5.0<5.1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php<4.4.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 php>5.0<5.1.6nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052 openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 bugzilla<2.22.1 cross-site-scripting http://www.bugzilla.org/security/2.18.5/ bugzilla<2.22.1 information-leakage http://www.bugzilla.org/security/2.18.5/ asterisk<1.2.13 remote-code-execution http://www.asterisk.org/node/109 drupal<4.7.4 cross-site-scripting http://drupal.org/files/sa-2006-024/advisory.txt drupal<4.7.4 cross-site-request-forgeries http://drupal.org/files/sa-2006-025/advisory.txt drupal<4.7.4 html-attribute-injection http://drupal.org/files/sa-2006-026/advisory.txt postgresql73-server<7.3.16 denial-of-service http://www.postgresql.org/about/news.664 postgresql74-server<7.4.14 denial-of-service http://www.postgresql.org/about/news.664 postgresql80-server<8.0.9 denial-of-service http://www.postgresql.org/about/news.664 postgresql81-server<8.1.5 denial-of-service http://www.postgresql.org/about/news.664 qt3-libs<3.3.6nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 qt4-libs<4.1.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 sge<6.0.11 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1 milter-greylist-3.0rc[45] denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/10/27/0006.html ingo<1.1.2 procmail-local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449 screen<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 wireshark<0.99.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-03.html mutt<1.4.2.2nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt<1.4.2.2nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 mutt>=1.5.0<1.5.13nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt>=1.5.0<1.5.13nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 ruby18-base<1.8.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 php>=5.0<5.1.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 php>=4.0<4.4.4nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 phpmyadmin<2.9.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6 milter-greylist<3.0rc7 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/11/07/0024.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html thunderbird{,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html libarchive<1.3.1 denial-of-service http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/ trac<0.10.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.3 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac>=0.10.1.1<0.10.2.1 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 png<1.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 suse{,32}_libpng<10.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 proftpd<1.3.0nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 gv<3.6.2nb1 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 gtexinfo<4.8nb6 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 dovecot>0.99.99<1.0rc7nb1 buffer-overflow http://www.dovecot.org/list/dovecot-news/2006-November/000023.html dovecot>=1.0rc8<1.0rc15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973 phpmyadmin<2.9.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7 phpmyadmin<2.9.1.1 information-leakage http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8 phpmyadmin<2.9.1.1 weak-acl-enforcement http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9 fvwm>=2.4<2.4.19nb4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 fvwm>=2.5<2.5.18nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 openldap-client<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 openldap-server<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 gnupg<1.4.5nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg2<2.0.0nb3 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel<1.9.22nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel>=1.9.23 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 gtar-base<1.15.1nb4 overwrite-arbitrary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 libgsf<1.14.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514 tnftpd<20040810nb1 remote-code-execution http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html kdegraphics<=3.5.4 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt kdegraphics>=3.1.0<=3.5.5 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt links{,-gui}<2.1.0.26 remote-command-execution http://secunia.com/advisories/22905/ elinks<0.11.2 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925 kile<1.9.3 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085 evince<0.6.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 {ja-,}squirrelmail<1.4.9a cross-site-scripting http://secunia.com/advisories/23195/ xine-lib<=1.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 gmplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mencoder<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 koffice-1.4.[0-9]* code-execution http://www.kde.org/info/security/advisory-20061205-1.txt koffice-1.6.0 code-execution http://www.kde.org/info/security/advisory-20061205-1.txt fprot-workstation-bin<4.6.7 denial-of-service http://www.securityfocus.com/bid/21420 ruby18-base<1.8.5.20061205 denial-of-service http://www.securityfocus.com/bid/21441 gnupg<1.4.6 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg2<2.0.0nb4 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg-devel-[0-9]* buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html ImageMagick<6.3.0.3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 GraphicsMagick<1.1.7 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 proftpd<1.3.0a remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 wv<1.2.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 net-snmp>=5.3<5.3.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305 kronolith<2.1.4 local-file-inclusion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175 clamav<0.88.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481 mantis<1.0.8 remote-information-disclosure http://secunia.com/advisories/23258/ sylpheed<2.2.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 sylpheed-claws<2.2.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 tor<0.1.1.26 privacy-leak http://archives.seul.org/or/announce/Dec-2006/msg00000.html dbus<0.92nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 dbus>=1.0<1.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 gdm<2.16.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105 {firefox-bin,moz-bin,ns}-flash<7.0.69 inject-http-headers http://www.adobe.com/support/security/bulletins/apsb06-18.html clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182 clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295 libksba<0.9.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111 libmodplug<0.8.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192 firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak http://www.mozilla.org/security/announce/2006/mfsa2006-75.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-76.html thunderbird{,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html thunderbird{,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html pam-ldap<183 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170 mono<1.2.2 source-code-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}15<5.0.7 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 w3m<0.5.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772 miredo<1.0.6 authentication-spoofing http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en fetchmail<6.3.6 password-disclosure http://www.fetchmail.info/fetchmail-SA-2006-02.txt fetchmail-6.3.5* denial-of-service http://www.fetchmail.info/fetchmail-SA-2006-03.txt drupal<4.7.5 cross-site-scripting http://drupal.org/files/sa-2007-001/advisory.txt drupal<4.7.5 denial-of-service http://drupal.org/files/sa-2007-002/advisory.txt bzip2<1.0.4 permissions-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953 gtexinfo-4.8nb6 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/01/08/0037.html opera<8.10 remote-code-execution http://secunia.com/advisories/23613/ acroread7<7.0.9 cross-site-scripting http://www.adobe.com/support/security/advisories/apsa07-01.html vlc<0.8.6a arbitrary-code-execution http://www.videolan.org/sa0701.html modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 mplayer<1.0rc9nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 gmplayer<1.0rc9nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 mencoder<1.0rc9nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 kdenetwork<3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070109-1.txt kdegraphics>=3.2.0<=3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt koffice>=1.2<=1.6.1nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt mit-krb5<1.4.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519321296&w=2 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764&w=2 py{15,20,21,22,23,24,25,26,27,31}-django<0.95.1 privilege-escalation http://secunia.com/advisories/23826/ squid<2.6.7 denial-of-service http://secunia.com/advisories/23767/ rubygems<0.9.0nb2 overwrite-arbitrary-files http://www.frsirt.com/english/advisories/2007/0295 ap{,13,2,22}-auth-kerb<5.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989 drupal<4.7.6 remote-code-execution http://drupal.org/node/113935 bugzilla<2.22.2 cross-site-scripting http://www.bugzilla.org/security/2.20.3/ wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 samba<3.0.24 denial-of-service http://samba.org/samba/security/CVE-2007-0452.html samba<3.0.24 solaris-buffer-overflow http://samba.org/samba/security/CVE-2007-0453.html samba<3.0.24 vfs-format-string http://samba.org/samba/security/CVE-2007-0454.html kdelibs<3.5.6nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt poppler<0.5.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 php>5<5.2.1 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 php>5<5.2.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 php>5<5.2.1 unspecified-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 snort{,-mysql,-pgsql}<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 clamav<0.90 denial-of-service http://secunia.com/advisories/24187/ spamassassin<3.1.8 denial-of-service http://secunia.com/advisories/24197/ mimedefang>=2.59<=2.60 denial-of-service http://secunia.com/advisories/24133/ mimedefang>=2.59<=2.60 remote-code-execution http://secunia.com/advisories/24133/ libsoup-devel<2.2.99 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876 gd<2.0.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 rar-bin<3.7beta1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 unrar<3.7.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 xine-ui<0.99.4nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254 amarok<1.4.5nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979 snort>=2.6.1<2.6.1.3 remote-code-execution http://www.snort.org/docs/advisory-2007-02-19.html firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html nss<3.11.5 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html thunderbird{,-gtk1}<1.5.0.10 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html php<4.4.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 silc-server<1.0.3 denial-of-service http://silcnet.org/general/news/?item=security_20070306_1 trac<0.10.3.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 ja-trac<0.10.3.1.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 p5-CGI-Session<4.12 sql-injection http://osdir.com/ml/lang.perl.modules.cgi-session.user/2006-04/msg00004.html horde<3.1.4 cross-site-scripting http://lists.horde.org/archives/announce/2007/000315.html horde<3.1.4 arbitrary-file-removal http://lists.horde.org/archives/announce/2007/000315.html libwpd<0.8.9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 phpmyadmin<2.10.0.2 denial-of-service http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 squid<2.6.12 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_1.txt zope29<2.9.4nb4 privilege-escalation http://www.zope.org/Products/Zope/Hotfix-2007-03-20/ openafs<1.4.4 privilege-escalation http://www.openafs.org/security/OPENAFS-SA-2007-001.txt asterisk<1.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 asterisk<1.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 file<4.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 dovecot<1.0rc15nb1 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html dovecot>=1.0rc16<1.0rc29 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html xorg-server<1.2.0nb2 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libXfont<1.2.7nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libX11<1.1.1nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html qt3-libs<3.3.8nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 qt4-libs<4.2.3nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 kdelibs<3.5.6nb3 information-disclosure http://www.kde.org/info/security/advisory-20070326-1.txt openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 freetype2<2.3.2nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 xmms<1.2.10nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653 ipsec-tools<0.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 fetchmail<6.3.8 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869 opera<9.20 cross-site-scripting http://www.opera.com/support/search/view/855/ opera<9.20 unknown-impact http://www.opera.com/support/search/view/858/ bind>=9.4.0<9.4.1 denial-of-service http://www.isc.org/index.pl?/sw/bind/bind-security.php postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql80-server<8.0.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql81-server<8.1.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql82-server<8.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 php4-gd<4.4.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 php5-gd<5.2.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 zziplib<0.10.82nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614 squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 ja-squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 ja-squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 zoo<2.10.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669 php4-mssql<4.4.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 php5-mssql<5.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 samba>=3.0.23d<3.0.24nb2 privilege-elevation http://www.samba.org/samba/security/CVE-2007-2444.html samba>=3.0.0<3.0.24nb2 remote-code-execution http://www.samba.org/samba/security/CVE-2007-2446.html samba>=3.0.0<3.0.24nb2 remote-command-execution http://www.samba.org/samba/security/CVE-2007-2447.html php{4,5}-pear<1.5.4 arbitrary-code-execution http://pear.php.net/advisory-20070507.txt clamav<0.90.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 clamav<0.90.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029 png<1.2.17 denial-of-service http://secunia.com/advisories/25292/ quagga<0.98.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 quagga>0.99<0.99.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 freetype2<2.3.2nb2 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 freetype2>=2.3.3<2.3.4nb1 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 ap{2,22}-modsecurity{,2}>2<2.1.1 bypass-request-rules http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359 gimp>2.2<2.2.13nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-base<1.2.5nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-2.2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 eggdrop<=1.6.17nb1 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 mutt<1.4.2.3 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 mutt<1.4.2.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 ap{,2,22}-jk<1.2.23 directory-traversal http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1 ap{,2,22}-jk>=1.2.19<=1.2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 apache-tomcat<=5.5.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 apache-tomcat<5.5.22 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 jakarta-tomcat4<=4.1.24 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 jakarta-tomcat5<=5.0.19 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}<1.0.9 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html clamav<0.90.3 buffer-overflows http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html apache>=2.2.4<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 php>5.0<5.2.3nb1 integer-overflow http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 denial-of-service http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 filtering-bypass http://www.php.net/ChangeLog-5.php#5.2.3 mplayer<1.0rc9nb7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 gmplayer<1.0rc9nb2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 spamassassin<3.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 spamassassin-3.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 file<4.21 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 mecab-base<0.96 buffer-overflows http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3231 gnupg<1.4.7 signature-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263 openoffice2{,-bin}<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-0245.html openoffice2-bin<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-2754.html ktorrent<2.1.2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1385 vlc>0.8<0.8.5nb6 format-string http://www.videolan.org/sa0702.html vlc<0.7.2nb17 format-string http://www.videolan.org/sa0702.html bitchx<1.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 xvidcore<1.1.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329 evolution-data-server<1.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257 proftpd<1.3.1rc2nb1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165 apache<1.3.37nb2 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache<1.3.37nb2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.0<2.0.59nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.0<2.0.59nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1863 apache>=2.2.0<2.2.4nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1863 flac123<0.0.10 arbitrary-code-execution http://www.isecpartners.com/advisories/2007-002-flactools.txt phpmyadmin<2.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2 phpmyadmin<2.9.2 http-response-splitting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1 phpmyadmin<2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4 p5-Net-DNS<0.60 domain-name-spoofing http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377 p5-Net-DNS<0.60 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409 gimp>2.2<2.2.15nb2 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp-base<1.2.5nb6 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp>2.3<2.3.18nb1 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ libarchive<1.3.1nb1 infinite-loop http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 null-dereference http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 arbitrary-code-execution http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc clamav<0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725 centericq<4.21.0nb5 arbitrary-code-execution http://www.leidecker.info/advisories/07-06-07_centericq_bof.txt ipcalc<0.41 cross-site-scripting http://jodies.de/ipcalc-archive/ipcalc-0.40/ipcalc-security.html lighttpd<1.4.14 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt lighttpd<1.4.15 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_03.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_04.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_05.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_06.txt lighttpd<1.4.16 privacy-leak http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_08.txt firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}<1.5.0.13 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html drupal>=5<5.2 cross-site-request-forgeries http://drupal.org/node/162360 drupal>=5<5.2 cross-site-scripting http://drupal.org/node/162361 bind>9.4.0<9.4.1pl1 weak-default-acls http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}<1.5.0.13 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html firefox{,-bin,-gtk1}<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html seamonkey{,-bin,-gtk1}<1.1.4 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html acroread-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread5-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gaim-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wmmail-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mozilla-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>5.0<5.2.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 php<4.4.7nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 qt3-libs<3.3.8nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 tcpdump<3.9.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 ethereal-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kdegraphics<3.5.7nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt koffice<1.6.3nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt py{15,20,21,22,23,24,25,26,27,31}-denyhosts<2.6nb1 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323 squidGuard<1.2.1 acl-bypass http://www.squidguard.org/Doc/sg-2007-04-15.html rsync<2.6.9nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 opera<9.23 arbitrary-code-execution http://www.opera.com/support/search/view/865/ links{,-gui}-2.1.0.29* remote-command-execution http://links.twibright.com/download/ChangeLog kdelibs<3.5.7nb1 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt kdebase<3.5.7nb2 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt xfce4-terminal<0.2.6nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 apache>=2.0<2.0.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 apache>=2.2.0<2.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 lighttpd<1.4.18 remote-code-execution http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt bind>8<8.4.7pl1 cryptographically-weak-query-ids http://www.kb.cert.org/vuls/id/927905 bind>8<8.9.9 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt3-libs<3.3.8nb5 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 qt4-libs<4.3.2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 bugzilla>3<3.0.2 unauthorised-account-creation http://www.bugzilla.org/security/3.0.1/ kdebase>=3.3.0<3.5.7nb4 local-root-shell http://www.kde.org/info/security/advisory-20070919-1.txt ImageMagick<6.3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 fetchmail<6.3.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565 libXfont-1.3.1 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/09/24/0008.html ruby18-base<1.8.6.110nb1 access-validation-bypass http://www.isecpartners.com/advisories/2007-006-rubyssl.txt libpurple<2.2.1 denial-of-service http://www.pidgin.im/news/security/?id=23 openoffice2<2.2.1nb3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2<2.2.1nb3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openttd<0.5.3 remote-code-execution http://www.tt-forums.net/viewtopic.php?f=29&t=34077 xentools{3,30}-hvm<=3.1.0 remote-code-execution http://secunia.com/advisories/26986/ dircproxy<1.2.0beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 spamassassin<3.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 gnucash<2.0.5 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007 chmlib<0.39 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619 GConf2<2.16.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698 drupal<5.3 arbitrary-code-execution http://drupal.org/node/184315 drupal<5.3 cross-site-scripting http://drupal.org/node/184320 drupal<5.3 cross-site-request-forgery http://drupal.org/node/184348 drupal<5.3 access-bypass http://drupal.org/node/184354 drupal<5.3 http-response-splitting http://drupal.org/node/184315 firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html openssl<0.9.7inb5 arbitrary-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 p5-XML-RSS<1.31 markup-injection-vulnerability http://search.cpan.org/src/ABH/XML-RSS-1.31/Changes mantis<1.0.8 cross-site-scripting http://www.mantisbt.org/changelog.php mantis<1.0.8 security-bypass http://www.mantisbt.org/changelog.php cups<1.2.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 libpurple<2.2.2 denial-of-service http://www.pidgin.im/news/security/?id=24 perl<5.8.8nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 mono<1.1.13.8.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197 phpmyadmin<2.11.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7 koffice<1.6.3nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics<3.5.7nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics-3.5.8 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 openldap-server<2.3.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 flac<1.2.1 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 ircservices<5.0.63 denial-of-service http://lists.ircservices.za.net/pipermail/ircservices/2007/005558.html poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 wireshark<0.99.7pre2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2007-03.html php>=5<5.2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 net-snmp<5.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846 base<1.3.9 cross-site-scripting http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=555614 firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html wesnoth<1.2.8 arbitrary-code-execution http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 micq-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ikiwiki<2.13 remote-file-view http://ikiwiki.info/security/#index29h2 cairo<1.4.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html squid<2.6.17 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_2.txt drupal<5.4 sql-injection http://drupal.org/node/198162 ruby18-actionpack<1.13.6 www-session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 samba<3.0.26anb3 remote-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 openoffice2<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html openoffice2-bin<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html mysql-server>5.0<5.0.51 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 ruby18-gnome2-gtk<0.16.0nb2 format-string http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183 exiftags<1.01 arbitrary-code-execution http://secunia.com/advisories/28110/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1 denial-of-service http://www.djangoproject.com/weblog/2007/oct/26/security-fix/ cups<1.3.5 remote-code-execution http://www.cups.org/str.php?L2589 cups<1.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} clamav<0.92 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759 dovecot>=1.0.rc11<1.0.9nb1 unauthorized-access http://www.dovecot.org/list/dovecot-news/2007-December/000057.html opera<9.25 cross-site-scripting http://www.opera.com/support/search/view/875/ php<4.4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378 php<4.4.8 denial-of-service http://www.php-security.org/MOPB/MOPB-03-2007.html libsndfile<1.0.17nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 horde<3.1.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 turba<2.1.6 privilege-escalation http://lists.horde.org/archives/announce/2008/000361.html kronolith<2.1.7 privilege-escalation http://lists.horde.org/archives/announce/2008/000362.html drupal<5.6 cross-site-request-forgery http://drupal.org/node/208562 drupal<5.6 cross-site-scripting http://drupal.org/node/208564 drupal<5.6 cross-site-scripting http://drupal.org/node/208565 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 apache>=2.2.0<2.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 libXfont<1.3.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 modular-xorg-server<1.3.0nb5 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 modular-xorg-server<1.3.0nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 mplayer<1.0rc10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} mencoder<1.0rc10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} gmplayer<1.0rc10nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} xine-lib<1.1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html SDL_image<1.2.6nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544 SDL_image<1.2.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 RealPlayerGold<10.0.9 buffer-overflow http://service.real.com/realplayer/security/10252007_player/en/ thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow http://www.mozilla.org/security/announce/2008/mfsa2008-12.html pcre<7.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 blender<2.43 local-command-inject http://secunia.com/advisories/24232/ evolution<2.8.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266 sylpheed<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 sylpheed-claws<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 mutt<1.5.14 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268 GNUMail<1.1.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269 courier-imap<4.0.7 remote-root-shell http://www.gentoo.org/security/en/glsa/glsa-200704-18.xml wireshark<0.99.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-01.html vlc<0.8.6dnb2 remote-user-shell http://secunia.com/advisories/29122/ xine-lib<1.1.10.1 remote-user-shell http://secunia.com/advisories/28801/ mono<1.2.5.1 buffer-overflow http://secunia.com/advisories/27493/ mono<1.2.6 cross-site-scripting http://secunia.com/advisories/27349/ mono<1.2.6 buffer-overflow http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5197 phpmyadmin<2.11.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-8 phpmyadmin<2.11.5 sql-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 viewvc<1.0.5 security-bypass http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-01.html thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-03.html thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal http://www.mozilla.org/security/announce/2008/mfsa2008-05.html ghostscript>7<8.62 buffer-overflow http://scary.beasts.org/security/CESA-2008-001.html audacity<1.2.6nb1 symlink-attack http://www.gentoo.org/security/en/glsa/glsa-200803-03.xml dbus<1.0.2nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 acroread{,5,7}-[0-9]* remote-user-shell http://www.securityfocus.com/bid/22753 acroread{,5,7}-[0-9]* remote-stack-smash http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663 acroread{,5,7}-[0-9]* remote-user-shell http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 acroread{,5,7}-[0-9]* multiple-unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655 acroread{,5,7}-[0-9]* remote-printing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726 opera<9.26 remote-information-disclosure http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1080 opera<9.26 remote-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1081 opera<9.26 security-bypass http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1082 turba<2.1.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807 kdepim<3.5.7 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265 lighttpd<1.4.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 cups<1.3.6 denial-of-service http://www.cups.org/str.php?L2656 acroread{,5,7}-[0-9]* temporary-files-race http://support.novell.com/techcenter/psdb/d8c48c63359fc807624182696d3d149c.html py{15,20,21,22,23,24,25,26,27,31}-paramiko<1.7 remote-information-exposure http://www.lag.net/pipermail/paramiko/2008-January/000599.html icu<3.6nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 icu<3.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 e2fsprogs<1.40.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 splitvt<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162 sun-j{re,dk}14<2.17 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}15<5.0.15 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}6<6.0.5 unknown http://secunia.com/advisories/29239/ evolution<2.12.3nb2 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072 silc-toolkit<1.1.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt mit-krb5>=1.6<1.6.3 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt horde<3.1.7 arbitrary-file-inclusion http://lists.horde.org/archives/announce/2008/000382.html synce-dccm<0.10.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703 synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136 dovecot<1.0.13 authentication-bypass http://www.dovecot.org/list/dovecot-news/2008-March/000064.html ruby18-base<1.8.6.114 access-validation-bypass http://preview.ruby-ang.org/en/news/2008/03/03/webrick-file-access-vulnerability/ mailman<2.1.10 script-insertion http://secunia.com/advisories/28794/ openldap<2.3.39 denial-of-service http://secunia.com/advisories/27424/ openldap<2.3.41 denial-of-service http://secunia.com/advisories/28926/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.1 multiple-vulnerabilities http://secunia.com/advisories/29010/ webmin<1.330 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276 webmin<1.350 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156 webmin<1.370 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066 webmin<1.370nb3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720 apache-tomcat<5.5.21 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 apache-tomcat<5.5.25 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385} apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 apache-tomcat>=5.5.9<5.5.26 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238 xine-lib<1.1.10.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 p5-Net-DNS<0.63 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 roundup<1.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 roundup<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 sarg<2.2.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167 sarg<2.2.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168 liblive<2007.11.18 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036 nagios-base<2.5nb5 cross-site-scripting http://secunia.com/advisories/29363/ wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665 wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666 userppp-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215 jasper<1.900.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 png<1.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 plone3<3.1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164 maradns<1.2.12.06nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061 xine-lib<1.1.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 quagga>=0.99<0.99.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 jakarta-tomcat4<4.1.37 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 nss_ldap<259 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794 nagios-plugins<1.4.3nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198 nagios-plugin-snmp<1.4.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623 openoffice2<2.3.1nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 openoffice2<2.3.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 asterisk<1.2.27 authentication-bypass http://downloads.digium.com/pub/security/AST-2008-003.html mit-krb5<1.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5>=1.6<1.6.4 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5<1.4.2nb6 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt mit-krb5>=1.6<1.6.3 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt silc-client<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 silc-toolkit<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 unzip<5.52nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 namazu<2.0.18 cross-site-scripting http://secunia.com/advisories/29386/ maradns<1.2.12.06 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114 qemu<0.9.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 qemu<0.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227 qemu<0.10.0 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 instiki<0.13 cross-site-scripting http://rubyforge.org/forum/forum.php?forum_id=22805 freetype2<2.3.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506 bzip2<1.0.5 denial-of-service https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html ircu<2.10.12.12nb1 denial-of-service http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060906.html p7zip<4.57 unknown https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066 vlc<0.8.6dnb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 silc-client<1.1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-server<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-toolkit<1.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 mysql-client<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnupg-1.4.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html gnupg2-2.0.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html centerim<4.22.4 shell-command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467 p5-Tk<804.027nb7 buffer-overflow http://secunia.com/advisories/29546/ xpdf<3.02pl1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 policyd-weight<0.1.14.17 privilege-escalation http://secunia.com/advisories/29553/ wireshark<1.0.0 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-02.html gtar-base<1.15.1nb5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 eterm<0.9.4nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 rxvt<2.7.10nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 rxvt-unicode<8.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 aterm<1.0.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 wterm<6.2.9nb8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 mrxvt<0.5.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 phpmyadmin<2.11.5.1 unauthorized-access http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2 inspircd<1.1.18 unspecified http://www.inspircd.org/forum/showthread.php?t=2945 comix<3.6.4nb2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 thunderbird<1.5.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird<1.5.0.14 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-40.html php<4.4.5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 php>=5.0<5.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 lighttpd<1.4.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531 openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265 gnome-screensaver<2.21.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 gnome-screensaver<2.22.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887 sympa<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 {ap2,ap22}-suphp<0.6.3 arbitrary-script-execution http://article.gmane.org/gmane.comp.php.suphp.general/348 acroread7<7.0.9 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857 libgtop<2.14.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}15<5.0.10 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 koffice<1.2.1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt kdegraphics<3.2.3 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt ed<0.2nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 GeoIP<1.4.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159 kdebase<3.5.5 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt opera<9.27 code-execution http://www.opera.com/support/search/view/881/ opera<9.27 memory-corruption http://www.opera.com/support/search/view/882/ balsa<2.3.10nb14 buffer-overflow http://bugzilla.gnome.org/show_bug.cgi?id=474366 xscreensaver<5.02 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 xscreensaver<5.04 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 neon>=0.26.0<0.26.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 libevent<1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030 openssl<0.9.8f side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 openssl<0.9.8f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 sqlitemanager<1.2.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232 sqlitemanager<1.2.0 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516 dropbear<0.49 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 firefox-bin-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html ns-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html drupal>6<6.2 access-bypass http://drupal.org/node/244637 wireshark<0.99.6 denial-of-service http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html m4<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 python15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python20-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python21-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python22-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 ktorrent<2.1.2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 ktorrent<2.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799 netperf<2.3.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444 imp<4.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515 nas<1.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 nas<1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 lookup<1.4.1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237 asterisk>=1.4<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594 asterisk>=1.4<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293 asterisk>=1.4<1.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 zope210<2.10.3 cross-site-request-forgery http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view inkscape<0.45.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463 mgv-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 ap-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 ap13-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 {ap2,ap22}-perl<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 mit-krb5<1.4.2nb5 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5>=1.6<1.6.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 openpbs<2.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616 xorg-server<1.1.1 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 libXfont<1.2.0 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 libX11<1.0.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 p5-Archive-Tar<1.37 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829 sun-{jdk,jre}14<2.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}15<5.0.11 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}14<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}15<5.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}6<6.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953 lftp<3.5.9 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348 elinks<0.11.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 python24<2.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 python25<2.5.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 libexif<0.6.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 libexif<0.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 mysql-server<4.1.23 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server<4.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0<5.0.44 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.44 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0.9<5.0.51 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226 bochs<2.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894 findutils<4.2.31 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452 phppgadmin<4.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728 base<1.3.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578 mail-notification<4.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209 dspam<3.8.0 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 exiv2<0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353 libexif<0.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 gd<2.0.35 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 sun-{jdk,jre}15<5.0.12 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 sun-{jdk,jre}6<6.0.1 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 openoffice2-bin<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 curl>=7.14.0<7.16.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564 libcdio<0.80 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613 firefox-bin-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 ns-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 firefox-bin-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 ns-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 sun-{jdk,jre}14<2.15 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}15<5.0.12 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 arbitrary-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730 php<5.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 asterisk<1.2.22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk>=1.4<1.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk<1.2.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 asterisk>=1.4<1.4.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 teamspeak-server<2.0.23.19 remote-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956 mldonkey<2.9.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100 t1lib<5.1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 gdm<2.18.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 tor<0.1.2.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165 tor<0.1.2.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174 clamav<0.93 remote-user-shell http://secunia.com/advisories/29000/ png>=1.0.6<1.0.33 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt png>=1.2.0<1.2.27beta01 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt mksh<33d privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845 rsync>=3.0.0<3.0.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720 xine-lib<1.1.12 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 cups<1.3.7nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 xine-lib<1.1.12nb1 remote-system-access http://secunia.com/advisories/29850/ openoffice2{,-bin}<2.4 remote-system-access http://secunia.com/advisories/29852/ firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html thunderbird{,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 vlc<0.8.6f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 vlc<0.8.6f remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 poppler<0.8.0nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 xpdf<3.02pl2nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 streamripper<1.61.27nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337 sudo<1.6.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149 po4a<0.23nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462 bugzilla<2.22.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla<2.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 bugzilla>3<3.0.1 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla>3<3.0.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 konversation<1.0.1nb8 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 id3lib<3.8.3nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460 sylpheed<2.4.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 claws-mail<3.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 subversion-base<1.4.5 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846 bitchx<1.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584 bitchx<1.1nb3 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839 star<1.4.3nb4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134 claws-mail<3.2.0 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208 samba>3.0.25<3.0.26 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 kdebase>=3.3.0<3.5.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 asterisk>1.4.4<1.4.12 denial-of-service http://downloads.digium.com/pub/asa/AST-2007-021.html fuse-chironfs<1.0RC7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101 sun-{jdk,jre}14<2.16 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}15<5.0.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}6<6.0.3 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 pwlib<1.8.3nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 wesnoth<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 wesnoth>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 bacula<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626 delegate<9.7.5 arbitrary-code-execution http://www.delegate.org/mail-lists/delegate-en/3856 sun-{jdk,jre}14<2.16 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}15<5.0.13 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}6<6.0.3 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 3proxy<0.5.3j denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622 phpmyadmin<2.11.5.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924 vobcopy<1.1.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718 liferea<1.4.6 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751 perdition<1.17nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795 dbmail<2.2.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714 blender<2.45nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102 blender<2.45nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103 kronolith<2.1.8 cross-site-scripting http://marc.info/?l=horde-announce&m=120931816706926&w=2 vorbis-tools<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 SDL_sound<1.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 sweep<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 emacs{,-nox11}>=20<20.7nb11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=21<21.4anb13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=22<22.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}<21.4.17nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 kdelibs>=3.5.5<3.5.9nb1 linux-denial-of-service http://www.kde.org/info/security/advisory-20080426-2.txt ikiwiki<2.42 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165 py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937 swfdec<0.6.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834 php5-apc<5.2.5.3.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488 xine-lib<1.1.11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 wyrd<1.4.1nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 imp<4.1.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 win32-codecs<071007 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml graphviz<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 scponly<4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350 boost-libs<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 boost-headers<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 glib2<2.14.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 plone25<2.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 plone3<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 speex<1.0.5nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 php>=5<5.2.5 security-bypass http://securityreason.com/achievement_securityalert/47 php>=5<5.2.5 arbitrary-code-execution http://www.php.net/releases/5_2_5.php php>=5<5.2.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 php>=5<5.2.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php>=5<5.2.6 unknown http://www.php.net/ChangeLog-5.php#5.2.6 php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 pioneers<0.11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 teTeX-bin<3.0nb16 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml liferea<1.4.8 privilege-escalation http://www.novell.com/linux/security/advisories/2005_22_sr.html rsync<2.6.9nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 bugzilla>=2.17.2<2.22.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 account-impersonation http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 unauthorized-bug-change http://www.bugzilla.org/security/2.20.5/ GraphicsMagick<1.1.12 remote-security-bypass http://sourceforge.net/project/shownotes.php?release_id=595544 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698 php<5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php<4.4.8 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php>=5<5.2.5 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php<5 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php>=5<5.2.6 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php<5 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 php>=5<5.2.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 licq<1.3.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 php>=4<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<4.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5<5.0.51bnb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5.1<5.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 qemu-0.9.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004 ganglia-webfrontend<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465 kdebase<3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 mantis<1.1.0 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8679 mantis<1.1.1 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8756 xmp<2.6.0 arbitrary-code-execution http://aluigi.altervista.org/adv/xmpbof-adv.txt RealPlayerGold-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098 qt4-libs>=4.3.0<4.3.3 certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965 mongrel>=1.0.4<1.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612 openafs<1.4.6 denial-of-service http://www.openafs.org/security/OPENAFS-SA-2007-003.txt libxml2<2.6.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 bind<8.4.7pl1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 bind>=9<9.4.1pl1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 gnumeric<1.8.1 arbitrary-code-execution http://bugzilla.gnome.org/show_bug.cgi?id=505330 sun-{jdk,jre}15<5.0.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.2 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.4 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1 tk<8.4.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 acroread8<8.1.2 arbitrary-code-execution http://www.adobe.com/go/kb403079 acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/go/kb403079 clamav<0.92.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 GraphicsMagick<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 vmware<5.5.6 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 vmware>=6<6.0.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 tcl<8.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 mplayer<1.0rc10nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 gmplayer<1.0rc10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 acroread<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread{5,7}-[0-9]* arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread8<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 duplicity<0.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201 flex<2.5.33 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459 quake3arena-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400 xdm<1.0.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214 libX11>=1.0.2<1.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 xentools3-hvm<3.1.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 sarg<2.2.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922 mysql-server<4.1.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 mysql-server>=5<5.0.42 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782 mt-daapd-0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771 mt-daapd<0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 mt-daapd<0.2.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 mantis<1.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1nb1 cross-site-scripting http://www.djangoproject.com/weblog/2008/may/14/security/ mantis<1.1.2 cross-site-request-forgery http://secunia.com/advisories/30270/ uudeview<0.5.20nb2 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 uulib<0.5.20nb4 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 WordNet<3.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 net-snmp<5.4.1nb2 arbitrary-code-execution http://secunia.com/advisories/30187/ libid3tag<0.15.1bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 ja-ptex-bin-[0-9]* remote-manipulation-of-data http://secunia.com/advisories/30168/ ja-ptex-bin-[0-9]* remote-system-access http://secunia.com/advisories/30168/ mtr<0.72nb1 arbitrary-code-execution http://seclists.org/fulldisclosure/2008/May/0488.html nagios-base<2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 libxslt<1.1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 snort<2.8.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 perl<5.8.8nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 stunnel>=4.16<4.24 accepts-revoked-ocsp-cert http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420 nagios-plugins<1.4.6 local-code-execution https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1630970&group_id=29880 samba<3.0.28anb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 spamdyke<3.1.8 remote-security-bypass http://secunia.com/advisories/30408/ imlib2<1.4.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 xemacs-packages<1.16nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 apache-tomcat>=6<6.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 vmware<6.0.4 arbitrary-code-execution http://www.vmware.com/security/advisories/VMSA-2008-0008.html ikiwiki<2.48 authentication-bypass http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770 openssl<0.9.8gnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 websvn<1.61nb8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 evolution<2.12.3nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 evolution>=2.22<2.22.2nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 GraphicsMagick<1.1.14 remote-system-access http://secunia.com/advisories/30549/ GraphicsMagick>=1.2<1.2.3 remote-system-access http://secunia.com/advisories/30549/ exiv2<0.16nb1 denial-of-service http://dev.robotbattle.com/bugs/view.php?id=0000546 vmware<5.5.7 privilege-escalation http://www.vmware.com/security/advisories/VMSA-2008-0009.html asterisk<1.2.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt asterisk<1.2.26 security-bypass http://downloads.digium.com/pub/security/AST-2007-027.html asterisk<1.2.28 denial-of-service http://downloads.digium.com/pub/security/AST-2008-006.html net-snmp<5.4.1nb4 spoof-authenticated-packets http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 freetype2<2.3.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 apache>2.0<2.0.63nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 apache>=2.2.0<2.2.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 openoffice2{,-bin}<2.4.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2008-2152.html courier-authlib<0.60.6 sql-injection http://marc.info/?l=courier-users&m=121293814822605&w=2 freetype2<2.3.6 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id={715,716,717} nasm<2.02nb1 local-user-shell http://secunia.com/advisories/30594/ modular-xorg-server<1.3.0.0nb10 multiple-vulnerabilities http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html opera<9.50 url-spoofing http://www.opera.com/support/search/view/878/ opera<9.50 information-disclosure http://www.opera.com/support/search/view/883/ opera<9.50 security-bypass http://www.opera.com/support/search/view/885/ vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 turba<2.2.1 cross-site-scripting http://secunia.com/advisories/30704/ horde<3.1.7nb1 cross-site-scripting http://secunia.com/advisories/30697/ horde>=3.2<3.2.1 cross-site-scripting http://secunia.com/advisories/30697/ roundcube<0.2alpha cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 clamav<0.93.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 fetchmail<6.3.8nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 ruby18-base<1.8.7.22 arbitrary-code-execution http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities phpmyadmin<2.11.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-4 rt<3.6.7 denial-of-service http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html acroread8<8.1.2nb1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html squid<2.6.21 denial-of-service http://marc.info/?l=squid-announce&m=121469526501591&w=2 squid<2.6.21 privacy-leak http://marc.info/?l=squid-announce&m=121469526501591&w=2 pidgin<2.4.3 arbitrary-code-execution http://archives.neohapsis.com/archives/bugtraq/2008-06/0225.html GraphicsMagick-1.1.[0-9]* remote-system-access http://secunia.com/advisories/30879/ GraphicsMagick>=1.2<1.2.4 remote-system-access http://secunia.com/advisories/30879/ firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 wireshark<1.0.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-03.html ruby18-base<1.8.7.22nb1 denial-of-service http://securenetwork.it/ricerca/advisory/download/SN-2008-02.txt vlc<0.8.6fnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430 openldap-client<2.4.9nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952 opera<9.51 information-disclosure http://www.opera.com/support/search/view/887/ thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 thunderbird{,-gtk1}<2.0.0.16 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-24.html thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 pcre<7.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 #vte-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 libzvt-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 bind>9.5.0<9.5.0pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.4.0<9.4.2pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.3.0<9.3.5pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind-8.[0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 poppler<0.8.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 drupal>6.0<6.3 cross-site-scripting http://drupal.org/node/280571 drupal>5.0<5.8 cross-site-request-forgeries http://drupal.org/node/280571 drupal>6.0<6.3 cross-site-request-forgeries http://drupal.org/node/280571 drupal>5.0<5.8 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 sql-injection http://drupal.org/node/280571 ffmpeg<0.4.9pre1nb4 remote-code-execution https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 sun-j{re,dk}14<2.18 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}15<5.0.16 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}6<6.0.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] wireshark<1.0.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-04.html zsh<4.2.6nb1 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 zsh>=4.3<4.3.4nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html firefox3{,-bin}<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html phpmyadmin<2.11.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-5 py{26,27,34,35,36}-mercurial<1.0.1nb1 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942 firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html firefox3{,-bin}<3.0.1 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html byacc<20050813nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 py{15,20,21,22,23,24,25,26,27,31}-moin<1.7.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.6.3 dnsmasq<2.45 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259 drupal<5.9 session-fixation http://drupal.org/node/286417 drupal>=6<6.3 session-fixation http://drupal.org/node/286417 newsx<1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252 trac<0.10.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328 RealPlayerGold<11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400 phpmyadmin<2.11.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6 gnutls>=2.3.5<2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377 fprot-workstation-bin-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447 pan<0.133 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 openttd<0.6.2 arbitrary-code-execution http://sourceforge.net/project/shownotes.php?release_id=617243 python24<2.4.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python25<2.5.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python24<2.4.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 python25<2.5.2nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 jakarta-tomcat4<4.1.39 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 jakarta-tomcat4<4.1.39 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 jakarta-tomcat5-[0-9]* directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 libxslt<1.1.24nb1 arbitrary-code-execution http://www.scary.beasts.org/security/CESA-2008-003.html scmgit<1.5.6.4 remote-system-access http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 ruby18-base<1.8.7.72 multiple-vulnerabilities http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ powerdns<2.9.21nb2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337 pidgin<2.5.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532 mono<1.9.1nb2 cross-site-scripting http://secunia.com/advisories/31338/ apache-2.0.[0-5]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.6[0-2]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.63{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache>=2.2.0<2.2.9nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 python25<2.5.2nb3 weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 bugzilla<2.22.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ bugzilla>=3.0<3.0.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ amarok<1.4.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 ipsec-tools<0.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651 ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 isc-dhcpd<3.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062 postfix<2.5.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix<2.5.4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 postfix>=2.6.20080000<2.6.20080814 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix>=2.6.20080000<2.6.20080814 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 drupal<5.10 multiple-vulnerabilities http://drupal.org/node/295053 drupal>=6<6.4 multiple-vulnerabilities http://drupal.org/node/295053 yelp>=2.19.90<2.22.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533 mktemp<1.6 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495193 xine-lib<1.1.15 remote-system-access http://www.ocert.org/advisories/ocert-2008-008.html zope29>=2.9<2.9.9nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope210>=2.10<2.10.6nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope211>=2.10<2.11.1nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ awstats<6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 sympa<5.4.4 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 sqlitemanager-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages R<2.7.0nb1 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496363 bitlbee<1.2.2 security-bypass http://secunia.com/advisories/31633/ tiff<3.8.2nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327 ruby18-base<1.8.7.72nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 vim<7.2.10 arbitrary-command-execution http://www.rdancer.org/vulnerablevim-K.html openoffice{,2}<2.4.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282 mono<1.9.1nb4 cross-site-scripting https://bugzilla.novell.com/show_bug.cgi?id=418620 gpsdrive-[0-9]* privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496436 libxml2<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 opera<9.52 arbitrary-code-execution http://www.opera.com/support/search/view/892/ opera<9.52 security-bypass http://www.opera.com/support/search/view/893/ opera<9.52 security-bypass http://www.opera.com/support/search/view/895/ opera<9.52 local-file-reading http://www.opera.com/support/search/view/896/ opera<9.52 url-spoofing http://www.opera.com/support/search/view/897/ postfix<2.5.5 denial-of-service http://www.postfix.org/announcements/20080902.html clamav<0.94 denial-of-service http://secunia.com/advisories/31725/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.3 cross-site-request-forgery http://www.djangoproject.com/weblog/2008/sep/02/security/ wireshark>=0.9.7<1.0.3 denial-of-service http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 wireshark>=0.10.14<1.0.3 arbitrary-code-execution http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649 png>=1.2.30beta04<1.2.32beta01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 geeklog<1.4.1nb3 remote-file-write http://www.geeklog.net/article.php/file-uploads vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 horde<3.2.2 cross-site-scripting http://marc.info/?l=horde-announce&m=122104360019867&w=2 mysql-server>=5<5.0.66 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 mysql-server>=5.1<5.1.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 gri<2.12.18 insecure-temporary-files http://gri.sourceforge.net/gridoc/html/Version_2_12.html phpmyadmin<2.11.9.1 arbitrary-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7 proftpd<1.3.2rc2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 ffmpeg<20080727 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230 rails<2.1.1 sql-injection http://rails.lighthouseapp.com/projects/8994/tickets/288 firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059 firefox3{,-bin}<3.0.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066 firefox3{,-bin}<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 thunderbird{,-gtk1}<2.0.0.17 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 faad2<2.6.1nb1 arbitrary-code-execution http://secunia.com/advisories/32006/ aegis<4.24.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938 samba>3.2<3.2.3 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 lighttpd<1.4.20 denial-of-service http://trac.lighttpd.net/trac/ticket/1774 tnftpd<20080929 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 firefox3<3.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324 gmplayer<1.0rc10nb6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mencoder<1.0rc10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mplayer<1.0rc10nb8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 xerces-c<3.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482 xentools3-hvm-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 libxml2<2.7.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 dovecot<1.1.4 remote-security-bypass http://www.dovecot.org/list/dovecot-news/2008-October/000085.html mysql-client>=5.0<5.0.67nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 xentools33<3.3.0nb2 security-bypass http://secunia.com/advisories/32064/ xentools3-[0-9]* security-bypass http://secunia.com/advisories/32064/ drupal>=5<5.11 multiple-vulnerabilities http://drupal.org/node/318706 drupal>=6<6.5 multiple-vulnerabilities http://drupal.org/node/318706 graphviz<2.16.1nb3 remote-system-access http://secunia.com/advisories/32186/ ap{2,22}-modsecurity{,2}>2.5.0<2.5.6 remote-security-bypass http://secunia.com/advisories/32146/ opera<9.6 multiple-vulnerabilities http://secunia.com/advisories/32177/ firefox-bin-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ ns-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ gtar-base<1.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476 dbus<1.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 vlc<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 mantis<1.1.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 firefox-bin-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html ns-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html jhead<2.84 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 vlc>=0.9.0<0.9.5 arbitrary-code-execution http://www.videolan.org/security/sa0809.html opera<9.61 information-disclosure http://www.opera.com/support/search/view/903/ opera<9.61 cross-site-scripting http://www.opera.com/support/search/view/904/ opera<9.61 security-bypass http://www.opera.com/support/search/view/905/ mantis<1.1.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 apache-tomcat<5.5.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat4<4.1.32 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat5-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 wireshark<1.0.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-06.html drupal>=5<5.12 multiple-vulnerabilities http://drupal.org/node/324824 drupal>=6<6.6 multiple-vulnerabilities http://drupal.org/node/324824 websvn<2.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 websvn<2.1.0 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 websvn<2.1.0 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 enscript<1.6.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 gpsd<2.37nb1 remote-information-exposure http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116 libspf2<1.2.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469 imlib2<1.4.2 unspecified http://secunia.com/advisories/32354/ png<1.2.33rc02 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624 jhead<2.86 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 ktorrent>=3.0<3.1.4 security-bypass http://secunia.com/advisories/32442/ phpmyadmin<2.11.9.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-9 lynx<2.8.6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234 opera<9.62 system-access http://secunia.com/advisories/32452/ dovecot>=1.1.4<1.1.6 denial-of-service http://www.dovecot.org/list/dovecot-news/2008-October/000089.html openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237 openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238 phpmyadmin<2.11.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8 crossfire-maps-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 crossfire-server>=1.11.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 imap-uw<2007d system-access http://secunia.com/advisories/32483/ ed<1.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 kdelibs-3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698 ktorrent>=2.0<2.2.8 remote-security-bypass http://secunia.com/advisories/32447/ net-snmp<5.4.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 acroread8<8.1.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-19.html silc-server<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429 nagios-base<3.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027 vlc08-[0-9]* remote-system-access http://www.videolan.org/security/sa0810.html vlc>=0.5.0<0.9.6 remote-system-access http://www.videolan.org/security/sa0810.html bugzilla<2.22.6 security-bypass http://www.bugzilla.org/security/2.20.6/ bugzilla>3.0.0<3.0.6 security-bypass http://www.bugzilla.org/security/2.20.6/ lmbench-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968 gnutls<2.6.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 py{15,20,21,22,23,24,25,26,27,31}-moin-[0-9]* remote-information-exposure http://secunia.com/advisories/32686/ trac<0.11.2 multiple-vulnerabilities http://secunia.com/advisories/32652/ ja-trac<0.11.1pl2 multiple-vulnerabilities http://secunia.com/advisories/32652/ clamav<0.94.1 remote-system-access http://secunia.com/advisories/32663/ nagios-base<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028 fwbuilder{,21}-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956 scilab<4.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983 optipng<0.6.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101 typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/ typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/ streamripper<1.61.27nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 libxml2<2.7.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 libxml2<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 imlib2<1.4.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 mailscanner<4.55.11 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140 opera<9.63 multiple-vulnerabilities http://secunia.com/advisories/32752/ blender<2.49bnb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 vmware<5.5.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915 firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html firefox3{,-bin}<3.0.4 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-51.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox3{,-bin}<3.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox{,-bin,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html firefox3{,-bin,-gtk1}<3.0.4 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html thunderbird{,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html libcdaudio<0.99.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 wireshark<1.0.4nb1 denial-of-service http://secunia.com/advisories/32840/ gnetlist<1.4.0nb1 privilege-escalation http://secunia.com/advisories/32806/ amaya-[0-9]* system-access http://secunia.com/advisories/32848/ samba>=3.0.29<3.0.32nb2 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html samba>3.2<3.2.5 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html mailscanner<4.73.3.1 denial-of-service http://secunia.com/advisories/32915/ vlc<0.9.8a remote-system-access http://www.videolan.org/security/sa0811.html clamav<0.94.2 denial-of-service http://secunia.com/advisories/32926/ squirrelmail<1.4.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379 ImageMagick<6.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 GraphicsMagick<1.1.8 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 powerdns<2.9.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277 nagios-base<3.0.6 unknown http://secunia.com/advisories/32909/ sun-j{re,dk}14<2.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}15<5.0.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}6<6.0.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 tor<0.2.0.32 remote-security-bypass http://secunia.com/advisories/33025/ tor<0.2.0.32 privilege-escalation http://secunia.com/advisories/33025/ mgetty<1.1.36nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936 dbus<1.2.4.2 security-bypass http://lists.freedesktop.org/archives/dbus/2008-December/010702.html drupal<5.13 cross-site-request-forgeries http://drupal.org/node/345441 drupal>6<6.7 cross-site-request-forgeries http://drupal.org/node/345441 phpmyadmin<2.11.9.4 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php phppgadmin<4.2.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587 mailscanner<4.74.6.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313 asterisk<1.2.30.4 denial-of-service http://downloads.digium.com/pub/security/AST-2008-012.html mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252 roundcube<0.2beta2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 roundcube<0.2beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620 horde<3.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000464.html turba<2.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000465.html imp<4.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000463.html gmplayer<1.0rc10nb8 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mplayer<1.0rc10nb10 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mencoder<1.0rc10nb5 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt cmus<2.2.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375 ns-flash<9.0.152 remote-system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html firefox{,-bin}-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox-gtk1-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imap-uw<2007e denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514 avahi<0.6.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843 netatalk<2.0.3nb12 system-access http://secunia.com/advisories/33227/ courier-authlib<0.62.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380 adobe-flash-plugin<10.0.15.3 system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html qemu<0.10.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382 aview<1.3.0.1nb12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935 gitweb>=1.6<1.6.0.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.6<1.5.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.5<1.5.5.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.4.3<1.5.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 psi<0.12.1 denial-of-service http://secunia.com/advisories/33311/ firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-62.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-69.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox3{,-bin}<3.0.5 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-63.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox3{,-bin}<3.0.5 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox3{,-bin}<3.0.5 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox3{,-bin}<3.0.5 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-69.html seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html thunderbird{,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html thunderbird{,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html xterm<238 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 libaudiofile<0.2.6nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 audacity<1.2.6nb2 remote-system-access http://secunia.com/advisories/33356/ links{,-gui}<2.11 remote-spoofing http://secunia.com/advisories/33391/ samba>=3.2.0<3.2.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 openssl<0.9.8j signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 amarok<1.4.10nb1 remote-code-execution http://www.trapkit.de/advisories/TKADV2009-002.txt drupal<5.15 sql-injection http://drupal.org/node/358957 drupal>6<6.9 sql-injection http://drupal.org/node/358957 drupal>6<6.9 access-bypass http://drupal.org/node/358957 drupal>6<6.9 validation-bypass http://drupal.org/node/358957 bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 asterisk<1.2.33 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html asterisk>=1.6<1.6.0.10 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html typo3<4.2.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.8.1 roundcube<0.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517 ganglia-monitor-core<3.1.2 remote-system-access http://secunia.com/advisories/33506/ xdg-utils<1.1.0rc1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 # N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068 #xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 tnftpd<20081009 cross-site-scripting http://securityreason.com/achievement_securityalert/56 libmikmod<3.2.0 remote-denial-of-service http://secunia.com/advisories/33485/ devIL>=1.6.7<1.7.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 tor<0.2.0.33 remote-denial-of-service http://secunia.com/advisories/33635/ ap{,2,22}-auth-mysql>=4<4.3.9nb1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384 gst-plugins0.10-good<0.10.12 remote-system-access http://trapkit.de/advisories/TKADV2009-003.txt gentoo-0.11.57nb1 insecure-temporary-files http://mail-index.netbsd.org/pkgsrc-changes/2009/01/25/msg017509.html ntp<4.2.4p6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 dia-python<0.97.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984 GraphicsMagick<1.3.5 remote-denial-of-service http://secunia.com/advisories/33697/ imp<4.3.3 cross-site-scripting http://secunia.com/advisories/33719/ horde<3.3.3 cross-site-scripting http://secunia.com/advisories/33695/ ffmpeg<20080727nb7 remote-user-shell http://www.trapkit.de/advisories/TKADV2009-004.txt netsaint-base-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugins-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-cluster-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-snmp-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<2.22.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla<2.22.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ bugzilla>3.2<3.2.2 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.8 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla>3.0<3.0.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ sudo<1.7.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 squid<2.7 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid>=2.7<2.7.6 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt squid>=3.0<3.0.13 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt firefox3{,-bin}<3.0.6 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html thunderbird{,-gtk1}<2.0.0.21 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html proftpd>=1.3.1<1.3.2 sql-injection http://secunia.com/advisories/33842/ typo3<4.2.6 information-disclosure http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ typo3<4.2.6 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ net-snmp<5.4.2.1nb1 information-disclosure http://secunia.com/advisories/33884/ evolution-data-server<2.24.4.1nb2 smime-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547 varnish<2.0.1 denial-of-service http://secunia.com/advisories/33852/ tor<0.2.0.34 denial-of-service http://archives.seul.org/or/announce/Feb-2009/msg00000.html mediawiki<1.13.4 cross-site-scripting http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_4/phase3/RELEASE-NOTES wireshark>=0.99.0<1.0.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-07.html wireshark>=0.99.6<1.0.6 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2009-01.html boinc-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126 mpack<1.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 png<1.2.35 denial-of-service http://secunia.com/advisories/33970/ djbdns<1.05nb9 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392 p5-HTTPD-User-Manage<1.63 cross-site-scripting http://jvn.jp/en/jp/JVN30451602/index.html mldonkey>=2.8.4<3.0.0 remote-file-access https://savannah.nongnu.org/patch/?6754 ns-flash<9.0.159 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-01.html acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread7<7.1.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread8<8.1.4 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html pngcrush<1.6.14 arbitrary-code-execution http://secunia.com/advisories/33976/ apache-tomcat>=5.5.10<5.5.21 information-disclosure http://tomcat.apache.org/security-5.html opensc<0.11.7 unauthorized-access http://secunia.com/advisories/34052/ php<5.2.9 multiple-vulnerabilities http://secunia.com/advisories/34081/ trickle>=1.07 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415 optipng<0.6.2.1 arbitrary-code-execution http://secunia.com/advisories/34035/ squid<3.2.0.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801 mldonkey>=2.8.4<2.9.7nb1 information-disclosure https://savannah.nongnu.org/bugs/?25667 curl<7.18.0nb4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 curl>=7.19.0<7.19.4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 opera<9.64 multiple-vulnerabilities http://secunia.com/advisories/34135/ libsndfile<1.0.17nb5 arbitrary-code-execution http://secunia.com/advisories/33980/ libsndfile>1.0.17nb5<1.0.19 arbitrary-code-execution http://secunia.com/advisories/33980/ wesnoth<1.5.11 arbitrary-code-execution https://gna.org/bugs/index.php?13048 mpfr<2.4.1 buffer-overflow http://secunia.com/advisories/34063/ firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html firefox3{,-bin}<3.0.7 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html firefox3{,-bin}<3.0.7 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html firefox3{,-bin}<3.0.7 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html thunderbird{,-gtk1}<2.0.0.21 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html thunderbird{,-gtk1}<2.0.0.21 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html ap{2,22}-modsecurity{,2}>2.5.0<2.5.8 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667538 ap{2,22}-modsecurity{,2}>2.5.0<2.5.9 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667542 asterisk>=1.6<1.6.0.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-002.html roundup<0.8.3 query-manipulation http://issues.roundup-tracker.org/issue2550521 #postgresql8[123]-server-[0-9]* information-disclosure http://archives.postgresql.org/pgsql-hackers/2009-02/msg00861.php py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544 wesnoth<1.5.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366 icu<4.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036 libsoup<2.24.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution<2.22.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution-data-server<2.24.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587 ejabberd<2.0.4 script-insertion-attacks http://secunia.com/advisories/34340/ lcms<1.18 denial-of-service http://scary.beasts.org/security/CESA-2009-003.html weechat<0.2.6.1 denial-of-service http://secunia.com/advisories/34304/ glib2<2.20.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586 firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-13.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html asterisk>=1.2<1.2.32 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html asterisk>=1.6<1.6.0.8 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html clamav<0.95 denial-of-service http://secunia.com/advisories/34566/ bugzilla>=3.2<3.2.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213 mapserver<4.10.4 multiple-vulnerabilities http://secunia.com/advisories/34520/ openssl<0.9.8k denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 eog<2.25.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983 mpg123{,-esound,-nas}>=1.0<1.7.2 arbitrary-code-execution http://secunia.com/advisories/34587/ ghostscript<8.64nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 clamav<0.95.1 denial-of-service http://secunia.com/advisories/34612/ amaya-[0-9]* arbitrary-code-execution http://secunia.com/advisories/34531/ jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 apache-tomcat>=5.5.0<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 lcms<1.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 tunapie<2.1.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253 tunapie<2.1.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254 xine-lib<1.1.16.3 arbitrary-code-execution http://trapkit.de/advisories/TKADV2009-005.txt ap13-perl<1.29nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 ap{2,22}-perl<2.0.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 unrealircd<3.2.7nb2 denial-of-service http://forums.unrealircd.com/viewtopic.php?t=6204 ntp<4.2.4p7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 pptp>1.7.2 information-disclosure https://bugzilla.redhat.com/show_bug.cgi?id=492090 geeklog<1.5.2.2 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr2 geeklog<1.5.2.3 sql-injection http://www.geeklog.net/article.php/webservices-exploit ghostscript<8.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 ghostscript<8.64nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 wireshark>=0.99.2<1.0.7 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2009-02.html compiz-fusion-plugins-main<0.6.0nb2 local-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514 ldns<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086 phpmyadmin<2.11.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150 phpmyadmin<2.11.9.5 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847 sun-{jdk,jre}14<2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}14<2.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}14<2.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}6<6.0.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 sun-{jdk,jre}6<6.0.13 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 ruby18-base<1.8.7.160 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 ruby18-base<1.8.7.160 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 drupal>6<6.11 cross-site-scripting http://drupal.org/node/449078 drupal<5.17 cross-site-scripting http://drupal.org/node/449078 firefox3{,-bin}<3.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html firefox3{,-bin}<3.0.9 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-20.html firefox3{,-bin}<3.0.9 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html firefox3{,-bin}<3.0.10 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-23.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html seamonkey{,-bin,-gtk1}<2.0 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html thunderbird{,-gtk1}<2.0.0.22 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html libmodplug<0.8.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 freetype2<2.3.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 gnutls>=2.5.0<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 gnutls<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 cups<1.3.10 multiple-vulnerabilities http://secunia.com/advisories/34481/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.2 cross-site-scripting http://secunia.com/advisories/34821/ imp<4.3.4 signature-spoofing http://secunia.com/advisories/34796/ ntop<3.3.9nb1 insecure-file-permissions http://secunia.com/advisories/34793/ opensc<0.11.8 insecure-key-generation http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 suse{,32}_freetype2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 acroread7<7.1.2 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html acroread8<8.1.5 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html Transmission<1.53 cross-site-request-forgery http://secunia.com/advisories/34969/ Transmission-1.60 cross-site-request-forgery http://secunia.com/advisories/34969/ squirrelmail<1.4.18 multiple-vulnerabilities http://secunia.com/advisories/35073/ amule<2.2.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440 drupal>5<5.18 cross-site-scripting http://drupal.org/node/461886 drupal>6<6.12 cross-site-scripting http://drupal.org/node/461886 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 cyrus-sasl<2.1.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 eggdrop<1.6.19nb1 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html kdegraphics<3.5.10nb2 remote-system-access http://secunia.com/advisories/34754/ geeklog<1.5.2.4 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr4 apache>=2.2.0<2.2.11nb3 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 plone3<3.2.2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662 file<5.03 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 py{15,20,21,22,23,24,25,26,27,31}-prewikka-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34928/ memcached<1.2.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255 cscope<15.7a remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 coccinelle<0.1.9 privilege-escalation http://secunia.com/advisories/35012/ ntp>=4<4.2.4p7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 pango<1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 nsd<3.2.2 remote-system-access http://secunia.com/advisories/35165/ ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 prelude-manager-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34987/ quagga<0.99.12 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572 wireshark>=0.8.20<1.0.8 remote-denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-03.html pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 gst-plugins0.10-png<0.10.15nb1 arbitrary-code-execution http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc xvidcore<1.2.2 arbitrary-code-execution http://secunia.com/advisories/35274/ libsndfile<1.0.20nb1 denial-of-service http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 ImageMagick<6.5.2.9 arbitrary-code-execution http://secunia.com/advisories/35216/ apache>=2.2<2.2.11nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 base<1.4.3.1 cross-site-scripting http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 cross-site-request-forgery http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 sql-injection http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791 apache-tomcat>=6<6.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=6<6.0.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 apache-tomcat>=5<5.5.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=5<5.5.28 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 jakarta-tomcat4-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 jakarta-tomcat4-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 wxGTK2{4,6}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/35292/ wxGTK28<2.8.10nb1 arbitrary-code-execution http://secunia.com/advisories/35292/ apr-util<1.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 png<1.2.37 information-disclosure http://secunia.com/advisories/35346/ suse{,32}_libpng<11.3 information-disclosure http://secunia.com/advisories/35346/ ruby18-base<1.8.7.173 denial-of-service http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ acroread7<7.1.3 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html acroread8<8.1.6 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html p5-Compress-Raw-Zlib<2.017 denial-of-service http://secunia.com/advisories/35422/ xfig<3.2.5b privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962 pdflib-lite<7.0.4p4 remote-system-access http://secunia.com/advisories/35180/ suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.4 remote-security-bypass http://secunia.com/advisories/35407/ scmgit-base<1.6.3.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108 rt<3.8.4 remote-security-bypass http://secunia.com/advisories/35451/ icu<4.0.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153 firefox3{,-bin}<3.0.11 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html firefox3{,-bin}<3.0.11 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-28.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-30.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html thunderbird{,-gtk1}<2.0.0.22 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html pcsc-lite<1.5.4 denial-of-service http://secunia.com/advisories/35500/ php5-exif<5.2.10 denial-of-service http://secunia.com/advisories/35441/ ruby18-base<1.8.7.72nb3 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642 jakarta-tomcat{4,5}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tiff<3.8.2nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285 samba>=3.0.31<3.0.34nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 drupal>5<5.19 multiple-vulnerabilities http://drupal.org/node/507572 drupal>6<6.13 multiple-vulnerabilities http://drupal.org/node/507572 nagios-base<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 xemacs<21.4.24 remote-system-access http://secunia.com/advisories/35348/ apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 tor<0.2.0.35 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425 tor<0.2.0.35 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426 amsn-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/35621/ pidgin<2.5.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889 wxGTK-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 amaya<11.3.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 p5-IO-Socket-SSL<1.26 remote-security-bypass http://secunia.com/advisories/35703/ ruby18-actionpack<2.3.2nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 dillo<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294 mysql-server<5.0.67nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446 bugzilla>=3.1.1<3.2.4 remote-security-bypass http://www.bugzilla.org/security/3.2.3/ mimetex<1.71 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 mimetex<1.71 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 isc-dhclient>=4<4.1.0p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 isc-dhcp-client<3.1.2p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 mediawiki>=1.14<1.15.1 cross-site-scripting http://secunia.com/advisories/35818/ htmldoc<1.8.27nb2 remote-system-access http://secunia.com/advisories/35780/ tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347 xmlsec1<1.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 xml-security-c<1.5.1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 mono<2.4.2.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 sun-{jdk,jre}6<6.0.15 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 libmodplug<0.8.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 gst-plugins0.10-bad<0.10.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 gst-plugins0.10-bad<0.10.11 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 wireshark<1.2.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-04.html squid>=3.0<3.0.18 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt squid>=3.1<3.1.0.13 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt pulseaudio<0.9.14nb3 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894 firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-34.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-35.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-36.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-37.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-39.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-40.html wordpress<2.8.2 cross-site-scripting http://wordpress.org/development/2009/07/wordpress-2-8-2/ bind<9.4.3pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.5.0<9.5.1pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.6.0<9.6.1pl1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.3 remote-file-view http://www.djangoproject.com/weblog/2009/jul/28/security/ bash-completion>10<20080705 command-injection http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259987 webkit-gtk<1.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 suse{,32}_libcups<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 suse{,32}_gtk2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265 python24<2.4.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 python25<2.5.4 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 adobe-flash-plugin<10.0.32.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 ns-flash<9.0.246.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 silc-client<1.1.8 arbitrary-code-execution http://www.silcnet.org/docs/changelog/SILC%20Client%201.1.8 wordpress<2.8.3 privilege-escalation http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ apr-util<1.3.9 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 subversion-base<1.6.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 apr<0.9.19 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 apr>=1.0<1.3.8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 GraphicsMagick<1.3.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721 openexr<1.6.1nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722 vlc<0.8.6inb5 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=0.9<0.9.9anb2 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=1.0<1.0.0nb1 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html mplayer<1.0rc10nb14 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 firefox3{,-bin}<3.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404 firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654 fetchmail<6.3.11 spoofing-attacks http://www.fetchmail.info/fetchmail-SA-2009-01.txt sun-{jdk,jre}14<2.22 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}15<5.0.20 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}6<6.0.15 multiple-vulnerabilities http://secunia.com/advisories/36159/ irssi<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 asterisk>=1.6.1<1.6.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2009-004.html kdelibs<3.5.10nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 firefox3{,-bin}<3.0.12 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-38.html firefox3{,-bin}<3.0.13 www-address-spoof http://www.mozilla.org/security/announce/2009/mfsa2009-44.html firefox3{,-bin}<3.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-45.html zope29<2.9.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope210<2.10.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope211<2.11.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope3<3.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope29<2.9.11 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope210<2.10.9 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope211<2.11.4 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope3<3.3.3 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 xerces-c<2.8.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 asterisk>=1.6.1<1.6.1.4 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html asterisk>=1.6.0<1.6.0.13 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html wordpress<2.8.4 bypass-security-check http://wordpress.org/development/2009/08/2-8-4-security-release/ gnutls<2.8.2 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 viewvc<1.0.9 cross-site-scripting http://secunia.com/advisories/36292/ squirrelmail<1.4.20rc2 cross-site-scripting http://www.squirrelmail.org/security/issue/2009-08-12 curl<7.19.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 samba-3.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 p5-Compress-Raw-Bzip2<2.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884 libvorbis<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663 ntop<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732 isc-dhcp-server<3.1.2p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 cogito-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.2<1.2.35 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.0<1.6.0.15 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.1<1.6.1.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html libspf2<1.2.9nb1 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2009/09/08/msg029522.html expat<2.0.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 geeklog<1.5.2.5 remote-security-bypass http://www.geeklog.net/article.php/geeklog-1.6.0sr2 geeklog<1.5.2.5 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.6.0sr1 geeklog<1.5.2.5 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.0sr1 neon<0.28.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473 neon<0.28.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474 squid<2.7.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855 libpurple<2.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 libpurple-2.6.0{,nb[0-9]*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025 libpurple<2.6.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026 ikiwiki<3.1415926 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044 opera<10.0 html-form-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049 wget<1.11.4nb1 ssl-cert-spoofing http://cve.circl.lu/cve/CVE-2009-3490 qt4-libs<4.5.2nb3 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 dnsmasq<2.50 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 dnsmasq<2.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 freeradius<1.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009 libpurple>=2.5.2<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085 libpurple>=2.6.0<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703 apache<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache>=2.2.0<2.2.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache-2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 kdelibs-3.[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 cyrus-imapd<2.2.13p1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 dovecot-sieve<1.1.7 arbitrary-code-execution http://www.dovecot.org/list/dovecot-news/2009-September/000135.html slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159 slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160 seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html thunderbird{,-gtk1}<2.0.0.23 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox<3.5.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xulrunner<1.9.1.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html firefox3<3.0.14 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xapian-omega<1.0.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947 bugzilla<3.2.5 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 rt<3.8.5 script-insertion http://secunia.com/advisories/36752/ wireshark<1.0.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-05.html wireshark<1.2.2 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-06.html vlc<1.0.2 arbitrary-code-execution http://secunia.com/advisories/36762/ ffmpeg<20090611nb4 heap-overflow http://secunia.com/advisories/36760/ ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4631 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4632 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4633 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4637 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4638 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4640 php<5.2.11 multiple-vulnerabilities http://www.php.net/releases/5_2_11.php nginx<0.5.38 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.15 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx<0.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.6<0.6.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.7<0.7.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.8<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 fprot-workstation-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal>5<5.20 multiple-vulnerabilities http://drupal.org/node/579482 drupal>6<6.14 multiple-vulnerabilities http://drupal.org/node/579482 newt<0.52.11 denial-of-service http://secunia.com/advisories/36810/ merkaartor<0.15 privilege-escalation http://secunia.com/advisories/36897/ nginx<0.7.63 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 nginx>=0.8<0.8.17 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 samba<3.0.37 information-disclosure http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 samba<3.0.37 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 samba<3.0.37 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 snort<2.8.5 denial-of-service http://secunia.com/advisories/36808/ thin<1.2.4 source-address-spoofing http://secunia.com/advisories/36825/ apache>=2.0<2.0.64 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache>=2.2.0<2.2.13nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache<1.3.42 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 tkman-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 horde<3.3.5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236 horde<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237 glib2<2.2.21 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289 puppet<0.24.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 aria2<1.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 unbound<1.3.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602 py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940 gd<2.0.35nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 php5-gd<5.2.11nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 typo3<4.2.10 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/ asterisk>=1.6.1<1.6.1.8 security-restrictions-bypass http://downloads.digium.com/pub/security/AST-2009-007.html wireshark<1.2.3 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-07.html firefox3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox<3.5.4 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-52.html firefox<3.5.4 insecure-temp-files http://www.mozilla.org/security/announce/2009/mfsa2009-53.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-54.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html firefox<3.5.4 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-57.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html firefox<3.5.4 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-60.html firefox<3.5.4 local-filename-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-61.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html xulrunner<1.9.1.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 proftpd<1.3.3 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639 bftpd<2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593 opera<10.01 multiple-vulnerabilities http://secunia.com/advisories/37182/ acroread7<7.1.4 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html acroread8<8.1.7 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html wordpress<2.8.5 denial-of-service http://secunia.com/advisories/37088/ squidGuard<1.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700 squidGuard-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826 snort<2.8.5.1 denial-of-service http://secunia.com/advisories/37135/ p5-HTML-Parser<3.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627 seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html asterisk<1.2.35 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.0<1.6.0.17 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 cross-site-scripting http://downloads.digium.com/pub/security/AST-2009-009.html roundcube<0.3 cross-site-request-forgery http://secunia.com/advisories/37235/ openssl<0.9.8l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 sun-{jdk,jre}14-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnutls<2.10.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 libwww<5.4.0nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 opera<10.10 multiple-vulnerabilities http://secunia.com/advisories/37469/ mysql-server<5.0.88 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 mysql-client<5.0.88 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 php<5.2.11nb2 multiple-vulnerabilities http://secunia.com/advisories/37412/ php5-pear-Mail<1.1.14nb2 security-bypass http://secunia.com/advisories/37410/ opera<10.10 arbitrary-code-execution http://secunia.com/advisories/37431/ suse{,32}_openssl<11.3 session-hijack http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html cups<1.4.3 denial-of-service http://secunia.com/advisories/37364/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37348/ qt4-libs<4.5.3 multiple-vulnerabilities http://secunia.com/advisories/37396/ mpop<1.0.19 spoofing-attacks http://secunia.com/advisories/37312/ cups<1.4.2 cross-site-scripting http://secunia.com/advisories/37308/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37232/ libexif-0.6.18 denial-of-service http://secunia.com/advisories/37378/ wordpress<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/37332/ bind>=9.0<9.4.3pl5 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.5<9.5.2pl2 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.6<9.6.1pl3 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 libltdl<2.2.6b privilege-escalation http://secunia.com/advisories/37414/ ruby18-actionpack<2.3.5 cross-site-scripting http://secunia.com/advisories/37446/ kdelibs<3.5.10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 kdelibs>4<4.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 rt<3.8.6 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585 asterisk<1.2.37 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.0<1.6.0.19 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.1<1.6.1.11 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html sun-{jre,jdk}14<2.24 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}15<5.0.22 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}6<6.0.17 multiple-vulnerabilities http://secunia.com/advisories/37231/ libvorbis<1.2.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 apr<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699 vmware-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vmware-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin<2.11.9.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696 phpmyadmin<2.11.9.6 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 poppler-glib<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 transfig<3.2.5nb2 arbitrary-code-execution http://secunia.com/advisories/37577/ xfig<3.2.5bnb5 arbitrary-code-execution http://secunia.com/advisories/37571/ libpurple<2.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 automake<1.11.1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 automake14<1.4.6nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 centerim<4.22.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 devIL<1.7.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994 ntp<4.2.4p8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.6 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html firefox<3.5.6 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-69.html firefox<3.5.6 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-70.html firefox<3.5.6 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-71.html xulrunner<1.9.1.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 seamonkey<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1 drupal>5<5.21 cross-site-scripting http://drupal.org/node/661586 drupal>6<6.15 cross-site-scripting http://drupal.org/node/661586 typolight<2.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight26<2.6.7nb3 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight27<2.7.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight28<2.8rc2 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html coreutils<6.12nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135 wireshark<1.2.5 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-09.html gtk2+>2<2.18.5 denial-of-service https://bugzilla.gnome.org/show_bug.cgi?id=598476 ghostscript<8.70nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 php<5.2.11nb2 arbitrary-fifo-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 php<5.2.12 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 php<5.2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 horde<3.3.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701 kdegraphics<4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 kdelibs<3.5.10nb5 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt kdelibs>4<4.3.3 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt proftpd<1.3.2c man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread7-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread8-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html sunbird-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 spamassassin>=3.2.0<3.2.5nb4 denial-of-service https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269 qt4-libs<4.5.3nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816 qt4-libs<4.5.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384 xmlsec1<1.2.14 privilege-escalation http://secunia.com/advisories/37615/ adobe-flash-plugin<10.0.42.34 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html ns-flash<9.0.260 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html webmin<1.500 cross-site-scripting http://secunia.com/advisories/37648/ kdegraphics-3.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 ampache<3.5.3 remote-security-bypass http://secunia.com/advisories/37867/ trac<0.11.6 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 ja-trac<0.11.5pl1nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 php{5,53,54,55}-jpgraph-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422 openttd<0.7.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007 libpurple<2.6.5 remote-information-exposure http://secunia.com/advisories/37953/ ruby18-base<1.8.7.174nb3 escape-sequence-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492 typo3<4.3.1 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ libthai<0.1.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012 powerdns-recursor<3.1.7.2 arbitrary-code-execution http://doc.powerdns.com/powerdns-advisory-2010-01.html powerdns-recursor<3.1.7.2 spoofing-attacks http://doc.powerdns.com/powerdns-advisory-2010-02.html Transmission<1.77 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012 openssl<0.9.8lnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 tnftpd<20091122 denial-of-service http://secunia.com/advisories/38098/ cherokee<0.99.32 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 phpmyadmin<2.11.10 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 lib3ds<2.0rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280 tor<0.2.1.22 sensitive-information-exposure http://secunia.com/advisories/38198/ gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624 gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 apache-tomcat<5.5.29 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat<5.5.29 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat<5.5.29 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 apache-tomcat>=6<6.0.21 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat>=6<6.0.21 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat>=6<6.0.21 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 zope29<2.9.12 cross-site-scripting http://secunia.com/advisories/38007/ zope210<2.10.11 cross-site-scripting http://secunia.com/advisories/38007/ zope211<2.11.6 cross-site-scripting http://secunia.com/advisories/38007/ mit-krb5<1.4.2nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 acroread7-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread8-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread8-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages maildrop<2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301 wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-01.html wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-02.html apache<1.3.42 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 ircd-hybrid<7.2.3nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016 fuse>=2.0<2.8.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 samba<3.3.10 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 squid<2.7.7nb2 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.0<3.0.23 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.1<3.1.0.16 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt apache-1.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages puppet<0.24.9 local-file-write https://bugzilla.redhat.com/show_bug.cgi?id=502881 php5-pear-DB<1.7.8 sql-injection http://secunia.com/advisories/20231/ lighttpd<1.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295 fetchmail<6.3.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562 gmime<2.2.25nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime24<2.4.15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 GraphicsMagick<1.3.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 asterisk>=1.6.1<1.6.1.14 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html asterisk>=1.6.2<1.6.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html squid<2.7.7nb3 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt squid>=3.0<3.0.24 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt mysql-server>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 RealPlayerGold<11.0.2 multiple-vulnerabilities http://service.real.com/realplayer/security/01192010_player/en/ bugzilla-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.2.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989 typo3<4.3.2 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/ ejabberd<2.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 nss<3.12.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 samba<3.3.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294 gnome-screensaver<2.28.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414 opera<10.50 man-in-the-middle-attack http://secunia.com/advisories/38546/ netpbm<10.35.72 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274 openoffice2{,-bin}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669 adobe-flash-plugin<10.0.45.2 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html ns-flash<9.0.262 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html sudo>=1.6.9<1.7.2p4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 sudo-1.6.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 openoffice2-bin-[0-9]* signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice3-bin<3.2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice2{,-bin}-[0-9]* remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice3{,-bin}<3.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 curl>=7.10.5<7.20.0 denial-of-service http://secunia.com/advisories/38427/ dillo<2.2 sensitive-information-exposure http://secunia.com/advisories/38569/ gnome-screensaver<2.28.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 pidgin<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 asterisk>=1.6.1<1.6.1.17 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html asterisk>=1.6.2<1.6.2.5 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html firefox>=3.5<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html xulrunner<1.9.1.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html php<5.2.13 remote-security-bypass http://secunia.com/advisories/38708/ gnome-screensaver<2.28.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641 openldap-client<2.4.18 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 drupal>5<5.22 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.16 multiple-vulnerabilities http://drupal.org/node/731710 png<1.2.43 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 cups<1.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393 mediawiki<1.15.2 security-restrictions-bypass http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html opera<10.51 arbitrary-code-execution http://secunia.com/advisories/38820/ apache>=2.2<2.2.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 apache>=2.2<2.2.15 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 apache-2.0.[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 dovecot>=1.2<1.2.11 denial-of-service http://www.dovecot.org/list/dovecot-news/2010-March/000152.html gtar-base<1.23 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 gcpio<2.6nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 vlc<1.0.6 arbitrary-code-execution http://secunia.com/advisories/38853/ lshell<0.9.10 security-bypass http://secunia.com/advisories/38879/ samba<3.3.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 spamass-milter<0.3.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132 viewvc<1.0.10 cross-site-scripting http://secunia.com/advisories/38895/ unbound<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969 ikiwiki<3.20100312 cross-site-scripting http://secunia.com/advisories/38983/ Transmission<1.92 remote-system-access http://secunia.com/advisories/39031/ seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html seamonkey{,-bin}<1.1.19 remote-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2010-06.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-07.html m4<1.4.14 insecure-file-permissions http://secunia.com/advisories/38707/ nss<3.12.3 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html nss<3.12.3 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html openssl<0.9.8mnb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 spice-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dpkg<1.14.29 remote-manipulation-data http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396 heimdal<1.3.2 denial-of-service http://secunia.com/advisories/39037/ openssl<0.9.8mnb2 denial-of-service http://www.openssl.org/news/secadv_20100324.txt php5-xmlrpc<5.2.13nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 php53-xmlrpc<5.3.2nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 pango<1.26.2nb2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0421 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123 ctorrent-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ctorrent-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 sun-{jre,jdk}6<6.0.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 firefox<3.6.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-25.html libnids<1.24 denial-of-service http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828 firefox<3.0.19 arbitrary-code-execution http://secunia.com/advisories/39240/ firefox<3.5.9 arbitrary-code-execution http://secunia.com/advisories/39136/ seamonkey{,-bin}<2.0.4 arbitrary-code-execution http://secunia.com/advisories/39243/ trac<0.11.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2010-5108 ja-trac<0.11.7pl1 security-bypass http://secunia.com/advisories/39123/ viewvc<1.0.11 cross-site-scripting http://secunia.com/secunia_research/2010-26/ thunderbird<3.0.4 arbitrary-code-execution http://secunia.com/advisories/39242/ expat<2.0.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 typo3>=4.3.0<4.3.3 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/ hamlib<1.2.11 privilege-escalation http://secunia.com/advisories/39299/ kdebase<4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 kdebase-workspace<4.3.5nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 sun-{jre,jdk}6<6.0.20 arbitrary-code-execution http://www.kb.cert.org/vuls/id/886582 teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 dvipsk<5.98nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 sudo<1.7.2p6 arbitrary-command-execution http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html erlang<13.2.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 memcached<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152 clamav<0.96 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 clamav<0.96 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 abcm2ps<5.9.12 remote-system-access http://secunia.com/advisories/39345/ mediawiki<1.15.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150 suse{,32}_openssl<11.3 man-in-the-middle-attack http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html mysql-server>=5.1<5.1.45 denial-of-service http://secunia.com/advisories/39454/ p5-Crypt-OpenSSL-DSA<0.13nb6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129 mit-krb5>=1.7<1.8.2 remote-system-access http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt vlc>0.5<1.0.6 arbitrary-command-execution http://www.videolan.org/security/sa1003.html libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192 libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194 apache-tomcat<5.5.30 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 apache-tomcat>=6<6.0.27 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 smalltalk<3.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 apache-tomcat<6.0.30 cross-site-request-forgery http://secunia.com/advisories/39261/ wordpress-2.* sensitive-information-exposure http://secunia.com/advisories/39040/ gcc44<4.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc34<3.4.6nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc3-java-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 qt4-libs<4.6.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 memcached<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415 postgresql82-server<8.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql83-server<8.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql84-server<8.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 typolight<2.6 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight26<2.6.7nb3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight27<2.7.7 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight28<2.8.3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html fetchmail<6.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 wireshark<1.2.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-04.html dvipng<1.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829 openttd<1.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402 pcre<8.0.2 denial-of-service http://secunia.com/advisories/39738/ gnustep-base<1.20.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620 gnustep-base<1.20.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457 ghostscript<8.71 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869 modular-xorg-server<1.6.5nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166 p5-POE-Component-IRC<6.32 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3438 mysql-server>=5.0<5.0.91 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.1<5.1.47 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.0<5.0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.1<5.1.47 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.0<5.0.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 mysql-server>=5.1<5.1.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 libtheora<1.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389 aria2<1.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512 kdenetwork4<4.3.5nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000 kdenetwork4<4.3.5nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511 libpurple<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 geeklog<1.6.1.1 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.1sr1 mysql-client>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 lftp<4.0.6 security-bypass http://www.ocert.org/advisories/ocert-2010-001.html postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 mit-krb5<1.4.2nb10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 clamav<0.96.1 denial-of-service http://secunia.com/advisories/39895/ libprelude<1.0.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 mediawiki<1.15.4 cross-site-scripting http://secunia.com/advisories/39922/ heimdal<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 html2ps<1.0b6 sensitive-information-exposure http://secunia.com/advisories/39957/ exim<4.72 privilege-escalation http://secunia.com/advisories/40019/ openssl<0.9.8o multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt openssl>=1.0.0<1.0.0a multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt camlimages<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 sudo<1.7.2p7 command-injection http://www.sudo.ws/sudo/alerts/secure_path.html py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 cross-site-scripting http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg abcm2ps<5.9.13 arbitrary-code-execution http://secunia.com/advisories/40033/ gnutls<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239 bftpd<2.9 privilege-escalation http://secunia.com/advisories/40014/ rpm<4.8.1 privilege-escalation http://secunia.com/advisories/40028/ adobe-flash-plugin<10.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa10-01.html freeciv-server<2.2.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445 openoffice3-bin<3.2.1 man-in-the-middle-attack http://www.openoffice.org/security/cves/CVE-2009-3555.html openoffice3{,-bin}<3.2.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2010-0395.html teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 dvipsk<5.98nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39573/ php<5.2.14 multiple-vulnerabilities http://secunia.com/advisories/39675/ php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39675/ wireshark<1.2.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2010-06.html ghostscript<8.71nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 apache>=2.2.9<2.2.15nb3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068 isc-dhcpd<4.1.1p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 tiff<3.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 bozohttpd>=20090522<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 bozohttpd<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 samba<3.0.37nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 samba>=3.3.0<3.3.13 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 plone25-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 plone3-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 opera<10.54 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421 suse{,32}_krb5<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_openssl<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_libpng<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html cups<1.4.3nb6 multiple-vulnerabilities http://cups.org/articles.php?L596 python24-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python25<2.5.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26<2.6.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26-2.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python27<2.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python31<3.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 moodle<1.9.9 cross-site-scripting http://secunia.com/advisories/40248/ firefox<3.6.7 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206 sendmail<8.14.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565 w3m<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 w3m-img<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 unrealircd<3.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893 adobe-flash-plugin<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html adobe-flash-plugin>=10.0<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 irrtoolset-nox11-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}<2.0.5 multiple-vulnerabilities http://secunia.com/advisories/40326/ firefox<3.6.4 multiple-vulnerabilities http://secunia.com/advisories/40309/ thunderbird<3.0.5 multiple-vulnerabilities http://secunia.com/advisories/40323/ bugzilla<3.2.7 security-bypass http://secunia.com/advisories/40300/ konversation<1.2.3 denial-of-service http://secunia.com/advisories/38711/ xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ufoai<2.3 remote-system-access http://secunia.com/advisories/40321/ squirrelmail<1.4.21 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637 tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 png<1.4.3 remote-system-access http://secunia.com/advisories/40302/ suse{,32}_libpng<11.3 remote-system-access http://secunia.com/advisories/40302/ mysql-server>=5.1<5.1.48 denial-of-service http://secunia.com/advisories/40333/ mDNSResponder<108nb2 unknown-impact http://www.vuxml.org/freebsd/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html qt4-libs<4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621 opera<10.60 information-disclosure http://secunia.com/advisories/40375/ tiff<3.9.4nb1 denial-of-service http://secunia.com/advisories/40422/ suse{,32}_libtiff<12.1 denial-of-service http://secunia.com/advisories/40422/ py{15,20,21,22,23,24,25,26,27,31}-Paste<1.7.4 cross-site-scripting http://secunia.com/advisories/40408/ xulrunner<1.9.2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4 php<5.2.14 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 php>=5.3.0<5.3.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 bind>=9.0<9.4.3pl4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.5<9.5.2pl1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.6<9.6.1pl2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 freeciv-server<2.3.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5645 roundup<1.4.14 cross-site-scripting http://secunia.com/advisories/40433/ bogofilter<1.2.2 denial-of-service http://secunia.com/advisories/40427/ avahi<0.6.26 denial-of-service http://secunia.com/advisories/40470/ suse{,32}<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gdk-pixbuf<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libidn<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt3<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_resmgr<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby-base19>=1.9<1.9.1-p429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 gv<3.7.0 privilege-escalation http://secunia.com/advisories/40475/ ghostscript<8.71nb6 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055 bind>=9.7.1<9.7.1pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2010-0213 mono-xsp<2.6.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459 pango<1.27.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421 freetype2<2.4.0 remote-system-access http://secunia.com/advisories/40586/ postgresql8{0,1}{,-server,-client}<8.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070 vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713 openldap-server<2.4.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211 openldap-server<2.4.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212 pulseaudio<0.9.21nb3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299 firefox<3.6.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 xulrunner<1.9.2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 seamonkey<2.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6 thunderbird>=3.1<3.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1 thunderbird<3.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6 ocaml-mysql<1.1.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942 qemu<0.12.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741 libpurple<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 openttd<1.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534 qt4-libs<4.7.2 denial-of-service http://secunia.com/advisories/40588/ squirrelmail<1.4.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813 php<5.2.14 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 php>=5.3.0<5.3.3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 dovecot>=1.2<1.2.13 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2010-July/000163.html apache>=2.0<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 apache>=2.2<2.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 typo3<4.3.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ typo3>=4.4.0<4.4.1 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ gnupg2<2.0.14nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 bozohttpd<20100621 remote-security-bypass http://secunia.com/advisories/40737/ mediawiki<1.15.5 multiple-vulnerabilities http://secunia.com/advisories/40740/ firefox<3.6.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-48.html cabextract<1.3 denial-of-service http://secunia.com/advisories/40719/ gdm<2.20.11 information-disclosure https://bugzilla.gnome.org/show_bug.cgi?id=571846 socat<1.7.1.3 remote-system-access http://secunia.com/advisories/40806/ mantis<1.2.2 cross-site-scripting http://secunia.com/advisories/40812/ mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540 wireshark<1.2.10 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2010-08.html citrix_ica<11.100 arbitrary-code-execution http://secunia.com/advisories/40808/ wget<1.12nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252 mantis<1.2.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574 freetype2<2.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 bugzilla-3.0* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla>=2.19.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=2.22rc1<3.2.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.3.1<3.4.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.5.1<3.6.2 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.7<3.7.3 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=2.17.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=2.23.1<3.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.3.1<3.4.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.5.1<3.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.7<3.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 cabextract<1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801 acroread8-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862 openoffice3{,-bin}<3.3 arbitrary-code-execution http://secunia.com/advisories/40775/ openssl<0.9.8onb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 win32-codecs-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40936/ win32-codecs-[0-9]* remote-system-access http://secunia.com/advisories/40934/ glpng<1.46 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1519 dbus-glib<0.88 local-security-bypass http://secunia.com/advisories/40908/ adobe-flash-plugin<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html adobe-flash-plugin>=10.0<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html drupal>5<5.23 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.18 multiple-vulnerabilities http://drupal.org/node/731710 opera<10.61 remote-system-access http://secunia.com/advisories/40120/ ruby18-base<1.8.7.174nb6 cross-site-scripting http://secunia.com/advisories/41003/ ruby{,-base,14,14-base,16,16-base}<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ssmtp<2.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258 openjdk7-icedtea-plugin<1.13 multiple-vulnerabilities http://blog.fuseyism.com/index.php/2010/07/29/icedtea7-113-released/ phpmyadmin<2.11.10.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055 phpmyadmin<2.11.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 PAM<1.1.1 privilege-escalation http://secunia.com/advisories/40978/ mysql-server>=5.1<5.1.49 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html libgdiplus<2.6nb1 remote-system-access http://secunia.com/advisories/40792/ quagga<0.99.17 remote-system-access http://secunia.com/advisories/41038/ squid>=3.1.5.1<3.1.7 denial-of-service http://bugs.squid-cache.org/show_bug.cgi?id=3021 kdegraphics>=4.3.0 remote-system-access http://secunia.com/advisories/40952/ fuse-encfs<1.7 multiple-vulnerabilities http://secunia.com/advisories/41158/ qt4-libs<4.7.0rc1 ssl-certificate-spoofing http://secunia.com/advisories/41236/ nss<3.12.8 ssl-certificate-spoofing http://secunia.com/advisories/41237/ firefox<3.6.11 ssl-certificate-spoofing http://secunia.com/advisories/41244/ koffice-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40966/ p5-libwww<5.835 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253 corkscrew-[0-9]* buffer-overflow http://people.freebsd.org/~niels/issues/corkscrew-20100821.txt mantis<1.2.3 cross-site-scripting http://secunia.com/advisories/41278/ zope210<2.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 zope211<2.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 squid>=3.0<3.1.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_3.txt xulrunner<1.9.2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 firefox<3.6.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 thunderbird>=3.1<3.1.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3 thunderbird<3.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7 seamonkey<2.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7 horde<3.3.9 cross-site-scripting http://secunia.com/advisories/41283/ sudo<1.7.4p4 local-security-bypass http://secunia.com/advisories/41316/ apache-tomcat<5.5.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 apache-tomcat>=6<6.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 mednafen<0.8.13 buffer-overflow http://secunia.com/advisories/41337/ samba>=3.3.0<3.3.14 buffer-overrun http://www.samba.org/samba/security/CVE-2010-3069.html mailscanner-[0-9]* denial-of-service http://secunia.com/advisories/41384/ adobe-flash-plugin<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 ns-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 firefox-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 mailman<2.1.12nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089 python26<2.6.6nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 bozohttpd<20100920 remote-file-view http://eterna.com.au/bozohttpd/ wireshark<1.4.0 denial-of-service http://secunia.com/advisories/41535/ bzip2<1.0.6 remote-system-access http://cve.circl.lu/cve/CVE-2010-0405 clamav<0.96.3 remote-system-access http://secunia.com/advisories/41503/ poppler<0.14.2nb1 remote-system-access http://secunia.com/advisories/41596/ scmgit-base<1.7.0.7 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 dovecot>=1.2.8<1.2.15 weak-acl-enforcement http://www.dovecot.org/list/dovecot-news/2010-October/000177.html imp<4.3.8 cross-site-scripting http://secunia.com/advisories/41627/ bind>=9.7.0<9.7.2pl2 remote-security-bypass http://www.isc.org/software/bind/advisories/cve-2010-0218 py{26,27,34,35,36}-mercurial<1.6.4 remote-spoofing http://secunia.com/advisories/41674/ ffmpeg<20100927 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 gmplayer<1.0rc20100913nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mencoder<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mplayer<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 typo3<4.4.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/ suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 mysql-server<5.1.50 arbitrary-code-execution http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html mysql-server<5.1.51 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 xpdf<3.02pl4nb3 remote-system-access http://secunia.com/advisories/41709/ php<5.2.14nb1 denial-of-service http://secunia.com/advisories/41724/ php>=5.3.0<5.3.3nb1 denial-of-service http://secunia.com/advisories/41724/ opera<10.63 multiple-vulnerabilities http://secunia.com/advisories/41740/ kdegraphics<3.5.10nb9 remote-system-access http://secunia.com/advisories/41727/ sun-j{re,dk}6<6.0.22 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html gnome-subtitles<1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357 postgresql90-plperl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql90-pltcl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-plperl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-pltcl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-plperl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-pltcl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-plperl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-pltcl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages monotone-server<0.48.1 denial-of-service http://secunia.com/advisories/41960/ moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/41980/ libpurple<2.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 firefox<3.6.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 thunderbird<3.1.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 cvs<1.12.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3846 webkit-gtk<1.2.5 multiple-vulnerabilities http://secunia.com/advisories/41871/ freetype2<2.4.3nb1 buffer-overflow http://secunia.com/advisories/41738/ suse{,32}_freetype2<11.3nb2 buffer-overflow http://secunia.com/advisories/44008/ libsmi<0.4.8nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891 python26<2.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 adobe-flash-plugin<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 ns-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 firefox-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 mono<2.8.1 information-disclosure http://secunia.com/advisories/41919/ suse{,32}_freetype2<11.3nb1 arbitrary-code-execution http://secunia.com/advisories/41958/ gnucash<2.2.9nb10 privilege-escalation http://secunia.com/advisories/42048/ proftpd<1.3.3c remote-system-access http://secunia.com/advisories/42052/ PAM<1.1.3 privilege-escalation http://secunia.com/advisories/42088/ bugzilla<3.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.3<3.4.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.5<3.6.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.7<4.0rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=2.12<3.2.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.3<3.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.5<3.6.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7<4.0rc1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7.1<4.0rc1 cross-site-scripting http://secunia.com/advisories/41955/ isc-dhcpd>=4<4.0.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.1<4.1.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.2<4.2.0p1 denial-of-service http://secunia.com/advisories/42082/ acroread8-[0-9]* arbitrary-code-execution http://secunia.com/advisories/42095/ acroread9<9.4.1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb10-28.html mysql-server<5.1.52 denial-of-service http://secunia.com/advisories/42097/ cups<1.4.3nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 php>=5.3.0<5.3.3nb1 sensitive-information-exposure http://secunia.com/advisories/42135/ seamonkey<2.0.9 multiple-vulnerabilities http://secunia.com/advisories/41923/ mono<2.8nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159 wireshark<1.4.2 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2010-14.html openssl<0.9.8p remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 eclipse-[0-9]* cross-site-scripting http://secunia.com/advisories/42236/ ap{2,22}-fcgid<2.3.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 libtlen<20041113nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 horde<3.3.11 cross-site-scripting http://secunia.com/advisories/42355/ libxml2<2.7.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 openttd>=1.0.0<1.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168 RealPlayerSP>=12.0.0<14.0.1 remote-system-access http://secunia.com/advisories/42203/ xine-lib<1.1.19 arbitrary-code-execution http://secunia.com/advisories/42359/ phpmyadmin<2.11.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php mit-krb5<1.4.2nb11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324 suse{,32}_krb5<11.3nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020 wordpress<3.0.2 remote-data-manipulation http://secunia.com/advisories/42431/ clamav<0.96.5 denial-of-service http://secunia.com/advisories/42426/ openssl<0.9.8q information-disclosure http://www.openssl.org/news/secadv_20101202.txt bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 gnash<0.8.9 insecure-temp-files http://secunia.com/advisories/42416/ p5-CGI<3.50 http-response-splitting http://secunia.com/advisories/42443/ p5-CGI<3.51 http-header-injection http://secunia.com/advisories/42461/ p5-CGI-Simple<1.113 http-header-injection http://secunia.com/advisories/42460/ xenkernel3<3.1.4nb4 denial-of-service http://secunia.com/advisories/42395/ xenkernel33<3.3.2nb1 denial-of-service http://secunia.com/advisories/42395/ mit-krb5<1.4.2nb11 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 p5-IO-Socket-SSL<1.35 security-bypass http://secunia.com/advisories/42508/ ImageMagick<6.6.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167 thunderbird<3.1.7 multiple-vulnerabilities http://secunia.com/advisories/42519/ seamonkey<2.0.11 multiple-vulnerabilities http://secunia.com/advisories/42518/ firefox<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/42517/ wordpress<3.0.3 security-bypass http://secunia.com/advisories/42553/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/40165/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/41706/ suse{,32}_libxml2<11.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 RealPlayerGold<11.0.2.2315 multiple-vulnerabilities http://secunia.com/advisories/38550/ phpmyadmin<2.11.11.1nb1 ui-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480 phpmyadmin<2.11.11.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481 dbus<1.2.4.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 xulrunner<1.9.2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13 php5-intl<5.2.15.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 php53-intl<5.3.4.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 typo3<4.4.5 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ fontforge<20100501nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259 echoping-[0-9]* remote-system-access http://secunia.com/advisories/42619/ xfig<3.2.5bnb9 remote-system-access https://bugzilla.redhat.com/show_bug.cgi?id=659676 mantis<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42597/ opensc<0.11.13nb1 local-system-access http://secunia.com/advisories/42658/ pcsc-lite<1.5.5nb2 remote-system-access http://secunia.com/advisories/42659/ gitweb<1.7.3.4 cross-site-scripting http://secunia.com/advisories/42645/ opera<11.0 multiple-vulnerabilities http://secunia.com/advisories/42653/ tor<0.2.1.28 remote-system-access http://secunia.com/advisories/42536/ mhonarc<2.6.16nb1 cross-site-scripting http://secunia.com/advisories/42694/ calibre<0.7.35 multiple-vulnerabilities http://secunia.com/advisories/42689/ py{15,20,21,22,23,24,25,26,27,31}-django<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42715/ libpurple>=2.7.6<2.7.9 remote-denial-of-service http://www.pidgin.im/news/security//?id=49 libxml2<2.7.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 suse{,32}_libxml2<11.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 geeklog<1.7.1.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.7.1sr1 wordpress<3.0.4 script-insertion http://wordpress.org/news/2010/12/3-0-4-update/ vlc<1.1.6 denial-of-service http://www.videolan.org/security/sa1007.html wireshark<1.4.2nb1 denial-of-service http://secunia.com/advisories/42767/ mediawiki<1.16.1 cross-site-scripting http://secunia.com/advisories/42810/ ap{2,22}-subversion<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539 subversion-base<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543 typolight28<2.8.4nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 contao29<2.9.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 php<5.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 php>=5.3.0<5.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 dpkg<1.14.31 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679 mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 mono-xsp>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 wireshark<1.4.3 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-02.html sudo>=1.7<1.7.4p5 security-bypass http://www.sudo.ws/sudo/alerts/runas_group_pw.html exim<4.73 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345 asterisk<1.6.2.16.1 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html asterisk>=1.8<1.8.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html p5-Convert-UUlib<1.4 denial-of-service http://secunia.com/advisories/42998/ pango<1.28.3nb2 denial-of-service http://secunia.com/advisories/42934/ fuse>=2.0 denial-of-service http://secunia.com/advisories/42961/ maradns<1.4.06 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 dpkg<1.14.31 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402 suse{,32}_openssl<11.3nb2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 gif2png<2.5.4 remote-system-access http://secunia.com/advisories/42339/ freeradius>2<2.1.10 denial-of-service http://secunia.com/advisories/41621/ mupdf<0.7nb1 remote-system-access http://secunia.com/advisories/43020/ bugzilla<3.2.10 multiple-vulnerabilities http://secunia.com/advisories/43033/ webkit-gtk<1.2.6 multiple-vulnerabilities http://secunia.com/advisories/43086/ ruby1{8,9}-mail<2.2.15 remote-system-access http://secunia.com/advisories/43077/ opera<11.01 multiple-vulnerabilities http://secunia.com/advisories/43023/ awstats<7.0 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 isc-dhcpd<4.1.2p1 denial-of-service http://secunia.com/advisories/43006/ exim<4.74 local-privilege-escalation http://secunia.com/advisories/43101/ vlc<1.1.6nb1 remote-system-access http://www.videolan.org/security/sa1102.html moodle<2.0.2 cross-site-scripting http://secunia.com/advisories/43133/ postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539 bind>=9.5<9.6.3 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record bind>=9.7<9.7.2 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record tsclient-0.[0-9]* remote-system-access http://secunia.com/advisories/43120/ plone25-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 plone3-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 mediawiki<1.16.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047 openssl<0.9.8qnb1 denial-of-service http://www.openssl.org/news/secadv_20110208.txt ruby1{8,9}-actionpack<2.3.11 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby19-railties<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails bind<9.6 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libpurple<2.7.10 information-leak http://www.pidgin.im/news/security/?id=50 cgiirc<0.5.10 cross-site-scripting http://sourceforge.net/mailarchive/message.php?msg_id=27024589 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.5 multiple-vulnerabilities http://www.djangoproject.com/weblog/2011/feb/08/security/ adobe-flash-plugin<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html ns-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html seamonkey-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html firefox-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html wordpress<3.0.5 multiple-vulnerabilities http://wordpress.org/news/2011/02/wordpress-3-0-5/ ffmpeg<20110623.0.7.1 denial-of-service http://secunia.com/advisories/43197/ feh<1.11.2 privilege-escalation http://secunia.com/advisories/43221/ phpmyadmin<2.11.11.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986 phpmyadmin<2.11.11.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987 qemu<0.11.0 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011 apache-tomcat<5.5.33 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=5.5.0<5.5.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 wireshark<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 apache-tomcat>=6<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 apache-tomcat>=6<6.0.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 proftpd<1.3.3d multiple-vulnerabilities http://www.proftpd.org/docs/NEWS-1.3.3d acroread9<9.4.2 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-03.html sun-jre<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449 ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448 php5-zip<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php5-exif<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php53-zip<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php53-exif<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php>=5<5.3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages telepathy-gabble<0.11.7 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000 typo3<4.5 cross-site-request-forgery http://wiki.typo3.org/TYPO3_4.5#Security openldap-server<2.4.24 security-bypass http://secunia.com/advisories/43331/ asterisk<1.6.2.16.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html asterisk>=1.8<1.8.2.4 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html bind>=9.7.1<9.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414 t1lib<5.1.2nb2 arbitrary-code-execution http://secunia.com/advisories/43491/ evince<2.32.0nb4 buffer-overflow https://bugzilla.gnome.org/show_bug.cgi?id=640923 python24-[0-9]* sensitive-information-exposure http://secunia.com/advisories/43463/ python25<2.5.5nb2 sensitive-information-exposure http://secunia.com/advisories/43463/ python26<2.6.6nb6 sensitive-information-exposure http://secunia.com/advisories/43463/ mupdf<0.8 remote-system-access http://secunia.com/advisories/42320/ rt<3.8.9 sensitive-information-exposure http://secunia.com/advisories/43438/ suse{,32}_krb5<11.3nb2 denial-of-service http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ mailman<2.1.14.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707 lft<3.3 unknown-impact http://secunia.com/advisories/43381/ asterisk<1.4.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.6<1.6.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003 avahi<0.6.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002 ruby18-base<1.8.7.370nb2 remote-security-bypass http://secunia.com/advisories/43420/ ruby18-base<1.8.7.334 privilege-escalation http://secunia.com/advisories/43434/ ruby19-base<1.9.2pl180 privilege-escalation http://secunia.com/advisories/43434/ suse{,32}_base<11.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 wireshark<1.4.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713 wireshark<1.4.4 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2011-04.html moodle<1.9.11 multiple-vulnerabilities http://secunia.com/advisories/43570/ pango<1.28.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064 tor<0.2.1.30 denial-of-service http://secunia.com/advisories/43548/ firefox<3.6.14 multiple-vulnerabilities http://secunia.com/advisories/43550/ seamonkey<2.0.12 multiple-vulnerabilities http://secunia.com/advisories/43550/ thunderbird<3.1.8 multiple-vulnerabilities http://secunia.com/advisories/43586/ weechat<0.3.4 spoofing-attack http://secunia.com/advisories/43543/ ap{2,22}-subversion<1.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ openafs<1.4.14 multiple-vulnerabilities http://secunia.com/advisories/43407/ py{24,25,26,27,31}-moin<1.9.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058 postfix<2.7.3 command-injection http://www.kb.cert.org/vuls/id/555316 postfix>=2.8.20100000<2.8.20110115 command-injection http://www.kb.cert.org/vuls/id/555316 TeXmacs-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 patch<2.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651 tiff<3.9.4nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022 suse{,32}_libtiff<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 xulrunner<1.9.2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 unixodbc<2.3.0nb1 remote-system-access http://secunia.com/advisories/43679/ webkit-gtk<1.2.7 multiple-vulnerabilities http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS sun-{jre,jdk}6<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ nagios-base<3.3.1 cross-site-scripting http://secunia.com/advisories/43287/ libpurple<2.7.11 denial-of-service http://secunia.com/advisories/43695/ py{24,25,26,27,31}-feedparser<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/43730/ adobe-flash-plugin<10.2.152.33 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-01.html php5-shmop<5.2.17nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php53-shmop<5.3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php>=5.3<5.3.6 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153 samba-3.0.[0-9]* memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.3.0<3.3.15 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.5.0<3.5.7 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html php{5,53}-pear<1.9.2 privilege-escalation http://pear.php.net/advisory-20110228.txt php{5,53}-pear<1.9.2nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144 cups<1.4.5 multiple-vulnerabilities http://www.cups.org/articles.php?L597 libzip<0.10 denial-of-service http://secunia.com/advisories/43621/ xenkernel33<3.3.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 xenkernel3<3.1.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 openslp<1.2.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675 moodle<2.0.2 multiple-vulnerabilities http://secunia.com/advisories/43570/ vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275 vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276 suse{,32}_gtk2<11.3nb3 denial-of-service http://lists.opensuse.org/opensuse-updates/2011-03/msg00019.html suse{,32}_base<11.3nb4 arbitrary-code-execution https://hermes.opensuse.org/messages/7712778 loggerhead<1.18.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728 python23-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python25<2.5.5nb3 sensitive-information-disclosure http://secunia.com/advisories/43831/ python26<2.6.6nb7 sensitive-information-disclosure http://secunia.com/advisories/43831/ python27<2.7.1nb1 sensitive-information-disclosure http://secunia.com/advisories/43831/ tiff<3.9.4nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 suse{,32}_openssl<11.3nb3 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 fengoffice<1.7.5 cross-site-scripting http://secunia.com/advisories/43912/ xmlsec1<1.2.17 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425 gdm>=2.28.0<2.32.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727 suse{,32}_krb5<11.3nb3 arbitrary-code-execution http://secunia.com/advisories/44027/ xymon<4.3.2 cross-site-scripting http://secunia.com/advisories/44036/ perl<5.12.2nb2 remote-security-bypass http://secunia.com/advisories/43921/ erlang<14.1.2 remote-system-access http://secunia.com/advisories/43898/ pure-ftpd<1.0.30 remote-data-manipulation http://secunia.com/advisories/43988/ ruby1{8,9}-rack<1.1.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-rack>=1.2.0<1.2.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-actionpack>=3.0<3.0.6 cross-site-scripting http://weblog.rubyonrails.org/2011/4/6/rails-3-0-6-has-been-released xrdb<1.0.9 privilege-escalation http://secunia.com/advisories/44040/ libvpx<0.9.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489 isc-dhclient<4.2.1p1 remote-system-access http://secunia.com/advisories/44037/ libmodplug<0.8.8.2 remote-system-access http://secunia.com/advisories/44054/ roundcube<0.5.1 remote-security-bypass http://secunia.com/advisories/44050/ rsync<3.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097 wordpress<3.1.1 multiple-vulnerabilities http://secunia.com/advisories/44038/ suse{,32}_gtk2<11.3nb2 local-security-bypass http://secunia.com/advisories/43933/ dhcpcd<5.2.12 remote-system-access http://secunia.com/advisories/44070/ tinyproxy<1.8.3 remote-security-bypass http://secunia.com/advisories/43948/ ikiwiki<3.20110328 script-insertion http://secunia.com/advisories/44137/ kdelibs4<4.5.5nb2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168 xulrunner<1.9.2.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html firefox<3.6.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html vlc<1.1.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684 mediawiki<1.16.3 multiple-vulnerabilities http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html mediawiki<1.16.4 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000097.html mediawiki<1.16.5 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html mit-krb5<1.8.3nb5 denial-of-service http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-004.txt vsftpd<2.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762 php<5.3.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 opera<11.10 denial-of-service http://www.securityfocus.com/bid/46872 rt<3.8.11 multiple-vulnerabilities http://secunia.com/advisories/44189/ wireshark<1.4.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-06.html adobe-flash-plugin<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 ns-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 seamonkey-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 firefox-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 kdenetwork4<4.5.5nb3 remote-system-access http://secunia.com/advisories/44124/ xfce4-thunar>=1.1<1.2.1 remote-system-access http://secunia.com/advisories/44104/ p5-Jifty-DBI<0.68 remote-data-manipulation http://secunia.com/advisories/44224/ p5-Mojolicious<1.16 sensitive-information-exposure http://secunia.com/advisories/44051/ rdesktop<1.7.0 remote-system-access http://secunia.com/advisories/44200/ webmin<1.550 privilege-escalation http://secunia.com/advisories/44263/ wordpress<3.1.2 remote-security-bypass http://secunia.com/advisories/44372/ suse{,32}_base<12.1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1071.html suse{,32}_base<12.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659 php>=5.3<5.3.13nb2 arbitrary-code-execution http://secunia.com/advisories/44335/ ffmpeg<20110626.0.6.3 denial-of-service http://secunia.com/advisories/44378/ xulrunner<1.9.2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox<3.6.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox>=4<4.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 seamonkey<2.0.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14 thunderbird<3.1.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10 xulrunner>=2<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 bind>=9.8.0<9.8.0pl1 denial-of-service https://www.isc.org/CVE-2011-1907 mysql-server<5.0.91 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html mysql-server<5.0.92 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html mysql-server<5.0.93 denial-of-service http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html postfix<2.8.3 denial-of-service http://www.postfix.org/CVE-2011-1720.html ampache-[0-9]* cross-site-scripting http://secunia.com/advisories/44497/ xentools33<3.3.2nb7 multiple-vulnerabilities http://secunia.com/advisories/44502/ xentools41<4.1.0nb4 multiple-vulnerabilities http://secunia.com/advisories/44502/ suse{,32}_gtk2<11.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764 php<5.1.3 multiple-vulnerabilities http://secunia.com/advisories/18694/ wordpress<3.1.3 remote-system-access http://secunia.com/advisories/44409/ apr<0.9.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 apr>=1.0<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/ horde>=4<4.0.2 multiple-vulnerabilities http://secunia.com/advisories/44408/ simgear-[0-9]* denial-of-service http://secunia.com/advisories/44434/ vino<2.28.3 denial-of-service http://secunia.com/advisories/44463/ libmodplug<0.8.8.3 remote-system-access http://secunia.com/advisories/44388/ cyrus-imapd<2.3.16nb4 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 cyrus-imapd>=2.4<2.4.7 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 adobe-flash-plugin<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ ns-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ seamonkey-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ firefox-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ tor<0.2.1.29 multiple-vulnerabilities http://secunia.com/advisories/42907/ openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 p5-Jifty-DBI<0.68 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2011-1933s p5-libwww<6.00 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633 dovecot<1.2.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 dovecot>=2<2.0.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 viewvc<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024 apr<1.4.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 openssl<0.9.8qnb3 sensitive-information-exposure http://secunia.com/advisories/44572/ opera<11.11 arbitrary-code-execution http://secunia.com/advisories/44611/ moodle<2.0.3 multiple-vulnerabilities http://secunia.com/advisories/44630/ qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751 php53-pdo_mysql<5.3.6 sql-injection http://bugs.php.net/bug.php?id=47802 php5-pdo_mysql-[0-9]* sql-injection http://bugs.php.net/bug.php?id=47802 dirmngr<1.1.0nb2 denial-of-service http://secunia.com/advisories/44680/ bind<9.6.3.1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.7.0<9.7.3pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.8.0<9.8.0pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 drupal<6.21 multiple-vulnerabilities http://drupal.org/node/1168756 ruby18-base<1.8.7.334nb3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml fetchmail<6.3.20 denial-of-service http://www.fetchmail.info/fetchmail-SA-2011-01.txt wireshark<1.4.7 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-08.html ejabberd<2.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753 jabberd<1.4.2nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754 jabberd>=2<2.2.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755 libxml2<2.7.8nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 ap{2,22}-subversion<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1752-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1783-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1921-advisory.txt unbound<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008 cherokee<1.2.99 cross-site-request-forgery http://secunia.com/advisories/44821/ asterisk>=1.8<1.8.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216 adobe-flash-plugin<10.3.181.22 cross-site-scripting http://www.adobe.com/support/security/bulletins/apsb11-13.html lua-expat<1.2.0 denial-of-service http://secunia.com/advisories/44866/ prosody<0.8.1 denial-of-service http://secunia.com/advisories/44852/ sun-{jre,jdk}6<6.0.26 multiple-vulnerabilities http://secunia.com/advisories/44784/ p5-Data-FormValidator-[0-9]* sensitive-information-exposure http://secunia.com/advisories/44832/ ruby1{8,9}-actionpack>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk<1.6.2.17.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk>=1.8<1.8.3.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk<1.6.2.17.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.3.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.4.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-007.html tiff<3.9.5 multiple-vulnerabilities http://www.remotesensing.org/libtiff/v3.9.5.html dbus<1.2.4.6nb4 denial-of-service http://secunia.com/advisories/44896/ open-vm-tools-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43798/ vte<0.26.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198 php<5.2.17nb4 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 php>=5.3<5.3.6nb2 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 vlc<1.1.10 remote-system-access http://secunia.com/advisories/44412/ png>=1.2.23<1.5.3rc02 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 pngcrush<1.7.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 perl<5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761 erlang<14.1.3 denial-of-service http://www.erlang.org/download/otp_src_R14B03.readme php<5.2.17nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 php>=5.3<5.3.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 adobe-flash-plugin<10.3.181.26 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb11-18.html suse{,32}_openssl<11.3nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2011-1945.html tomboy<1.2.1nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005 opera<11.50 denial-of-service http://www.securityfocus.com/bid/48262 ruby1{8,9}-actionpack<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ fabric<1.1.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185 firefox>=4<5.0 sensitive-information-exposure http://secunia.com/advisories/44972/ groff<1.20.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044 postgresql84-pgcrypto<8.4.9 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 postgresql90-pgcrypto<9.0.5 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 php>=5.3<5.3.6nb4 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 john<1.7.6nb1 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 firefox<3.6.18 multiple-vulnerabilities http://secunia.com/advisories/44982/ thunderbird<3.1.11 multiple-vulnerabilities http://secunia.com/advisories/44982/ libreoffice3-bin<3.3.3 arbitrary-code-execution http://www.kb.cert.org/vuls/id/953183 asterisk>=1.6<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-009.html asterisk>=1.6.2.15<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html curl>=7.10.6<7.21.7 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 suse{,32}_libcurl<12.1 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 pidgin<2.9.0 denial-of-service http://www.pidgin.im/news/security/?id=52 seamonkey<2.2 sensitive-information-exposure http://secunia.com/advisories/45007/ apache-tomcat>=5.5<5.5.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 apache-tomcat>=6<6.0.33 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 opera<11.50 multiple-vulnerabilities http://secunia.com/advisories/45060/ plone3-[0-9]* privilege-escalation http://plone.org/products/plone/security/advisories/20110622 drupal-5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<3.1.4 remote-security-bypass http://secunia.com/advisories/45099/ wireshark<1.4.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-09.html asterisk>=1.6.2<1.6.2.18.2 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html asterisk>=1.8<1.8.4.4 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html amaya<11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005 {firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.4pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.7.0<9.7.3pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2465 mit-krb5-appl<1.0.1nb1 remote-system-access http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-005.txt qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2212 qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527 xml-security-c<1.6.1 denial-of-service http://secunia.com/advisories/45151/ zope210<2.10.13 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 zope211<2.11.8 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 freetype2<2.4.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226 suse{,32}_freetype2<11.3nb3 remote-system-access http://support.novell.com/security/cve/CVE-2011-0226.html squirrelmail<1.4.22 multiple-vulnerabilities http://secunia.com/advisories/45197/ libsndfile<1.0.24nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588 apache-tomcat<5.5.34 denial-of-service http://secunia.com/advisories/45232/ apache-tomcat>=6<6.0.33 denial-of-service http://secunia.com/advisories/45232/ foomatic-filters>=4<4.0.6nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 foomatic-filters<4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 ioquake3<1.36.20200125 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 phpmyadmin<3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97.2 denial-of-service http://secunia.com/advisories/45382/ kdeutils-[0-9]* directory-traversal http://secunia.com/advisories/45378/ kdeutils4-[0-9]* directory-traversal http://secunia.com/advisories/45378/ freeradius-2.1.11 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701 opensaml<2.4.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411 sun-{jre,jdk}6-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/ suse{,32}_libxml2<11.3nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1944.html samba<3.3.16 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba<3.3.16 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html samba>=3.5.0<3.5.10 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba>=3.5.0<3.5.10 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html libsoup24<2.34.2nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524 suse{,32}_base<11.3nb5 remote-system-access http://lists.opensuse.org/opensuse-updates/2011-07/msg00041.html mapserver<5.6.7 remote-system-access http://secunia.com/advisories/45257/ libmodplug<0.8.8.4 remote-system-access http://secunia.com/advisories/45131/ bugzilla<3.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.4.11 multiple-vulnerabilities http://secunia.com/advisories/45501/ suse{,32}_gtk2<11.3nb5 denial-of-service http://secunia.com/advisories/45308/ gdk-pixbuf<0.22.0nb15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897 typo3<4.5.4 multiple-vulnerabilities http://secunia.com/advisories/45557/ moodle<2.1.1 remote-security-bypass http://secunia.com/advisories/45487/ ffmpeg<20110907.0.7.4 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html mplayer<1.0rc20100913nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362 libXfont<1.4.4 privilege-escalation http://secunia.com/advisories/45544/ adobe-flash-plugin<10.3.183.5 remote-system-access http://www.adobe.com/support/security/bulletins/apsb11-21.html isc-dhcpd<4.2.2 denial-of-service http://secunia.com/advisories/45582/ mplayer<1.0rc20100913nb8 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3625 gimp<2.6.11nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 stunnel<4.42 remote-code-execution http://stunnel.org/?page=sdf_ChangeLog thunderbird<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-31.html firefox{,-bin}<3.6.20 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-30.html firefox{,-bin}>=4<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-29.html seamonkey{,-bin}<2.3 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-33.html libpurple<2.10.0 multiple-vulnerabilities http://pidgin.im/news/security/ pidgin<2.10.0 unsafe-file-execution http://pidgin.im/news/security/?id=55 suse{,32}_libpng<11.3nb2 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2011-08/msg00026.html gdk-pixbuf2<2.22.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 roundcube<0.5.4 cross-site-scripting http://secunia.com/advisories/45605/ php-5.3.7 remote-security-bypass http://secunia.com/advisories/45678/ ruby1{8,9}-actionpack>=3.0<3.0.10 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929 ruby1{8,9}-activerecord>=3.0<3.0.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-activerecord<2.3.14 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby1{8,9}-actionpack<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby18-activesupport>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby18-activesupport<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby1{8,9}-actionpack<2.3.14 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186 apache>=2.0<2.0.64nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 apache>=2.2<2.2.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 RealPlayerGold-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin>=3.3.0<3.4.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php cups<1.4.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 cups<1.4.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170 squid>=3.0<3.1.15 remote-system-access http://www.squid-cache.org/Advisories/SQUID-2011_3.txt apache-tomcat<5.5.34 remote-security-bypass http://secunia.com/advisories/45748/ apache-tomcat>=6<6.0.34 remote-security-bypass http://secunia.com/advisories/45748/ opera<11.51 multiple-vulnerabilities http://secunia.com/advisories/45791/ xenkernel33<3.3.2nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel3<3.1.4nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/45622/ openttd<1.1.3 multiple-vulnerabilities http://secunia.com/advisories/45832/ mantis<1.2.8 multiple-vulnerabilities http://secunia.com/advisories/45829/ firefox<6.0.1 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox36<3.6.21 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html thunderbird<3.1.13 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html seamonkey<2.3.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox<6.0.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html firefox36<3.6.22 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html thunderbird<3.1.14 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html seamonkey<2.3.3 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html openssl<0.9.8s denial-of-service http://www.openssl.org/news/secadv_20110906.txt wireshark<1.6.2 multiple-vulnerabilities http://web.nvd.nist.gov/view/vuln/detail?vulnId=2011-3266 librsvg<2.34.1 denial-of-service http://secunia.com/advisories/45877/ cyrus-imapd>=2.2<2.3.17 buffer-overflow http://secunia.com/advisories/45938/ cyrus-imapd>=2.4<2.4.11 buffer-overflow http://secunia.com/advisories/45938/ p5-FCGI>=0.70<0.74 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 typo3<4.5.6 sql-injection http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/ typo3<4.5.6 denial-of-service http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/ phpmyadmin>=3.4.0<3.4.5 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php evolution-data-server<3.1.1 remote-information-exposure http://secunia.com/advisories/45941/ openvas-server-[0-9]* local-privilege-escalation http://secunia.com/advisories/45836/ acroread9<9.4.6 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-24.html swi-prolog-packages<5.11.18nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 firefox<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 firefox36<3.6.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23 thunderbird<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7 seamonkey<2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4 quagga<0.99.19 denial-of-service http://secunia.com/advisories/46139/ etherape<0.9.12 denial-of-service http://sourceforge.net/mailarchive/message.php?msg_id=27582286 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-26.html ffmpeg<20111002.0.7.6 remote-system-access http://secunia.com/advisories/46134/ ffmpeg<20111002.0.7.6 multiple-vulnerabilities http://secunia.com/advisories/46245/ ldns<1.6.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3581 php<5.3.8nb1 remote-system-access http://secunia.com/advisories/46107/ awstats<7.0nb3 cross-site-scripting http://secunia.com/advisories/46160/ libpurple<2.10.1 unknown-impact http://developer.pidgin.im/ticket/14636 cyrus-imapd>=2.2<2.3.18 security-bypass http://secunia.com/advisories/46093/ cyrus-imapd>=2.4<2.4.12 security-bypass http://secunia.com/advisories/46093/ kdelibs4<.5.5nb8 spoofing-attack http://secunia.com/advisories/46157/ p5-Crypt-DSA<1.17 security-bypass http://secunia.com/advisories/46275/ vlc<1.1.11nb2 denial-of-service http://www.videolan.org/security/sa1107.html puppet-[0-9]* local-system-compromise http://secunia.com/advisories/46223/ ruby1{8,9,93}-puppet<2.7.4 local-system-compromise http://secunia.com/advisories/46223/ puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46286/ ruby1{8,9,93}-puppet<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/46286/ apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 apache>=2.2<2.2.21nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 xpdf<3.03 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES typolight28<2.8.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao29<2.9.5nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao210<2.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 qemu<0.15.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3346 png>=1.5.4<1.5.5 denial-of-service http://secunia.com/advisories/46148/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/46105/ xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/46105/ perl<5.14.2 remote-system-access http://secunia.com/advisories/46172/ p5-Digest<1.17 remote-system-access http://secunia.com/advisories/46279/ perl<5.14.2nb1 remote-system-access http://secunia.com/advisories/46299/ phppgadmin<5.0.2 code-injection http://archives.postgresql.org/pgsql-announce/2010-11/msg00021.php phppgadmin<5.0.3 cross-site-scripting http://secunia.com/advisories/46248/ geeklog<1.8.1 cross-site-scripting http://secunia.com/advisories/46348/ opera<11.52 remote-system-access http://secunia.com/advisories/46375/ logsurfer<1.8 command-injection http://seclists.org/oss-sec/2011/q4/81 asterisk>=1.8<1.8.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-012.html psi-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/46349/ phpmyadmin<3.4.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php clamav<0.97.3 denial-of-service http://secunia.com/advisories/46455/ suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3207.html suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3210.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3193.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3194.html qt4-libs<4.7.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193 qt4-tiff<4.7.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 moodle<2.1.2 multiple-vulnerabilities http://secunia.com/advisories/46247/ sun-{jre,jdk}6<6.0.29 multiple-vulnerabilities http://secunia.com/advisories/46512/ libpurple<2.10.1 denial-of-service http://secunia.com/advisories/46298/ modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028 modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029 mit-krb5<1.8.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529 empathy<3.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3635 puppet-[0-9]* man-in-the-middle-attack http://secunia.com/advisories/46550/ ruby1{8,9,93}-puppet<2.7.6 man-in-the-middle-attack http://secunia.com/advisories/46550/ suse{,32}_krb5<11.3nb4 multiple-vulnerabilities http://secunia.com/advisories/46546/ freetype2<2.4.7 remote-system-access http://secunia.com/advisories/46575/ suse{,32}_freetype2<11.3nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256 phpldapadmin<1.2.2 multiple-vulnerabilities http://secunia.com/advisories/46551/ PAM-[0-9]* privilege-escalation http://secunia.com/advisories/46583/ libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821 libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834 libxml2<2.7.8nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905 libxml2<2.7.8nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919 suse{,32}_libxml2<11.3nb4 remote-system-access http://secunia.com/advisories/47572/ suse{,32}_libxml2<11.3nb5 remote-system-access http://secunia.com/advisories/47647/ openldap-server<2.4.24nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079 tor<0.2.2.34 remote-security-bypass http://secunia.com/advisories/46634/ net6-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 obby-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 calibre<0.8.25 multiple-vulnerabilities http://secunia.com/advisories/46620/ squid>=3<3.1.16 denial-of-service http://secunia.com/advisories/46609/ qt4-tiff<4.7.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 wireshark<1.6.3 multiple-vulnerabilities http://secunia.com/advisories/46644/ php>=5.3<5.3.8nb1 arbitrary-code-execution http://secunia.com/advisories/46107/ phpmyadmin<3.4.7.1 information-disclosure http://secunia.com/advisories/46447/ ffmpeg<20110907.0.7.4 multiple-vulnerabilities http://secunia.com/advisories/46111/ apache>=2.2<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 apache<2.0.65 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 apache>=2.2<2.2.21nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/46105/ caml-light<0.74nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 moscow_ml<2.01nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://secunia.com/advisories/46113/ p5-Parallel-ForkManager<1.0.0 insecure-temp-files https://nvd.nist.gov/vuln/detail/CVE-2011-4115 ffmpeg<20111104.0.7.7 multiple-vulnerabilities http://secunia.com/advisories/46736/ gnutls<2.12.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128 adobe-flash-plugin>=10.1<10.3.183.11 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html adobe-flash-plugin>=11<11.1.102.55 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html firefox<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox8 thunderbird<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird8 proftpd<1.3.3g remote-system-access http://bugs.proftpd.org/show_bug.cgi?id=3711 audacious-plugins<3.0.3 remote-system-access http://jira.atheme.org/browse/AUDPLUG-394 freetype2<2.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 suse{,32}_freetype2<12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 python25-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.5pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.7.0<9.7.4pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.8.0<9.8.1pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 nginx<1.0.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315 dovecot>=2<2.0.16 ssl-cert-spoofing http://secunia.com/advisories/46886/ ruby1{8,9,93}-actionpack>=3<3.0.11 cross-site-scripting http://secunia.com/advisories/46877/ apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 gnash<0.8.10 insecure-temp-files http://secunia.com/advisories/46955/ ffmpeg<20111121.0.7.8 multiple-vulnerabilities http://secunia.com/advisories/46888/ namazu<2.0.21 cross-site-scripting http://secunia.com/advisories/46925/ ejabberd<2.1.9 denial-of-service http://secunia.com/advisories/46915/ apache>=2.0<2.2.21nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639 apache<2.2.21nb5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 lighttpd<1.4.29nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362 mediawiki<1.17.1 remote-information-exposure http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html py{25,26,27,31}-clearsilver<0.10.5nb1 denial-of-service http://secunia.com/advisories/47016/ p5-Proc-ProcessTable<0.47 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4363 phpmyadmin<3.4.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php p5-PAR<1.003 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4114 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778 opera<11.60 denial-of-service http://www.securityfocus.com/bid/50421 chasen-base>=2.4<2.4.4nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4000 privoxy>=3.0.5<3.0.18 http-response-splitting http://www.securityfocus.com/bid/50768 moodle<1.9.15 multiple-vulnerabilities http://secunia.com/advisories/47076/ moodle>2.1<2.1.3 multiple-vulnerabilities http://secunia.com/advisories/47103/ moodle>2.0<2.0.6 multiple-vulnerabilities http://secunia.com/advisories/47103/ acroread9<9.4.7 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-04.html firefox<31 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4688 isc-dhcpd<4.2.3p1 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4539 jasper<1.900.1nb6 remote-system-access http://secunia.com/advisories/47175/ asterisk>=1.6<1.6.2.21 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.8<1.8.7.2 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.6.2<1.6.2.21 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html asterisk>=1.8<1.8.7.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html opera<11.60 multiple-vulnerabilities http://secunia.com/advisories/47077/ cacti<0.8.7i cross-site-scripting http://secunia.com/advisories/47195/ icu<4.8.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 typo3<4.5.9 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ typo3>=4.6.0<4.6.2 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ unbound<1.4.14 denial-of-service http://secunia.com/advisories/47220/ adobe-flash-plugin<11.1.102.62 remote-system-access http://secunia.com/advisories/47161/ tor<0.2.2.35 remote-system-access http://secunia.com/advisories/47276/ firefox<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9 thunderbird<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird9 seamonkey<2.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.6 xulrunner192<1.9.2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 xulrunner>=2<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html opera-[0-9]* sensitive-information-exposure http://secunia.com/advisories/47128/ ipmitool=6<6.0.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html apache-tomcat>=7<7.0.23 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html maradns<1.4.09 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mpack<1.6nb3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4919 bugzilla>=2.0<3.4.13 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=2.0<3.4.12 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=2.17.1<3.4.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.5.1<3.6.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.7.1<4.0.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=4.1.1<4.2rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=2.23.3<3.4.13 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.5.1<3.6.7 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.7.1<4.0.3 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=4.1.1<4.2rc1 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 wordpress<3.3.1 unauthorized-account-creation http://secunia.com/advisories/47371/ suse{,32}_base<11.3nb8 information-disclosure http://secunia.com/advisories/47432/ suse{,32}_base<11.3nb8 local-system-compromise http://secunia.com/advisories/47409/ spamdyke<4.2.1 plaintext-injection http://secunia.com/advisories/47435/ firefox<10.0.3 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455 openssl<0.9.8s multiple-vulnerabilities http://secunia.com/advisories/47426/ suse113{,32}_openssl<11.3nb6 multiple-vulnerabilities http://secunia.com/advisories/47426/ ffmpeg<20120112.0.7.11 multiple-vulnerabilities http://secunia.com/advisories/47383/ openttd<1.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0048 gnutls>=3<3.0.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390 mysql-client-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-01.html wireshark<1.6.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-02.html wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-03.html emacs>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs-nox11>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs>=24<24.0.93 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 powerdns<2.9.22.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0206 ruby{18,19,193}-rack>=1.3<1.3.6 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack>=1.2<1.2.5 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack<1.1.3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mediawiki<1.17.2 sensitive-information-exposure http://secunia.com/advisories/47547/ isc-dhcpd<4.2.3p2 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4868 apache<2.0.65 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 apache>=2.2.0<2.2.21nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 tahoe-lafs<1.9.1 remote-data-manipulation http://secunia.com/advisories/47506/ apache-tomcat>=6.0.30<6.0.34 remote-security-bypass http://secunia.com/advisories/47554/ moodle<2.1.4 remote-security-bypass http://secunia.com/advisories/47559/ moodle>=2.2<2.2.1 remote-security-bypass http://secunia.com/advisories/47559/ jenkins<1.424.2 denial-of-service https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895 php<5.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0057 spamdyke<4.3.0 remote-system-access http://secunia.com/advisories/47548/ openssl<0.9.8t denial-of-service http://www.openssl.org/news/secadv_20120118.txt asterisk>=1.8<1.8.8.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html asterisk>=10.0<10.0.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html php53-suhosin<5.3.9.0.9.33 buffer-overflow http://www.securityfocus.com/archive/1/521309 suse{,32}_qt4<11.3nb2 remote-system-access http://secunia.com/advisories/47645/ smokeping<2.6.7 cross-site-scripting http://secunia.com/advisories/47678/ qemu<1.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 qemu<1.3.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 curl<7.23.1nb1 sensitive-information-disclosure http://secunia.com/advisories/47690/ php5-suhosin<5.2.17.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ php53-suhosin<5.3.9.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ libvpx<1 unknown-impact http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html openssh<5.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814 apache>=2.2.17<2.2.21nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 apache<2.0.65 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 apache>=2.2.0<2.2.21nb7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 opera<11.61 multiple-vulnerabilities http://secunia.com/advisories/47686/ samba>=3.6.0<3.6.3 denial-of-service http://www.samba.org/samba/history/samba-3.6.3.html drupal>6<6.23 multiple-vulnerabilities http://drupal.org/node/1425084 drupal>7<7.11 multiple-vulnerabilities http://drupal.org/node/1425084 firefox<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 thunderbird<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10 seamonkey<2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7 xulrunner192<1.9.2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 xulrunner>=2<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 php>=5.3.9<5.3.9nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 xentools33<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xentools41<4.1.2nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xkeyboard-2.4 local-access http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/ sudo>=1.8.0<1.8.3p2 privilege-escalation http://www.sudo.ws/sudo/alerts/sudo_debug.html ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/47765/ phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0834 png>=1.5.4<1.5.7 multiple-vulnerabilities http://secunia.com/advisories/47827/ bugzilla>=3.5.1<3.6.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=3.7.1<4.0.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=4.1.1<4.2rc2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=2.0<3.4.14 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.5.1<3.6.8 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.7.1<4.0.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=4.1<4.2rc2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 ocaml<4.00.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839 imp<4.3.11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0791 horde<3.3.13 cross-site-scripting http://secunia.com/advisories/47904/ putty<0.62 sensitive-information-exposure http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html base-[0-9]* sql-injection http://www.securityfocus.com/bid/51874/discuss apr<1.4.5nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840 suse{,32}<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.7.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247 ImageMagick<6.7.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248 firefox>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1 thunderbird>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10.0.1 seamonkey>=2.7<2.7.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7.1 firefox36<3.6.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.24 firefox36<3.6.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.26 netsurf<2.9 sensitive-information-exposure http://secunia.com/advisories/48021/ mysql-server<5.1.62 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.22 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/47586/ mysql-server>=5.1<5.1.61 unknown-impact http://secunia.com/advisories/47928/ python25<2.5.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python26<2.6.7nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python27<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python31<3.1.4nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 libvorbis<1.3.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444 sun-{jdk,jre}6<6.0.31 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7<1.7.3 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7-icedtea-plugin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 png<1.5.8nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 adobe-flash-plugin<11.1.102.62 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-03.html phpmyadmin<3.4.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190 firefox>=4<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html thunderbird<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html seamonkey<2.7.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html firefox36<3.6.27 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner>=2<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner192-[0-9]* arbitrary-code-execution http://secunia.com/advisories/48069/ jenkins-[0-9]* cross-site-scripting http://secunia.com/advisories/48056/ samba<3.0.37nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 samba>=3.1<3.3.16nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 php{5,53,54,55}-tiki6-[0-9]* cross-site-scripting http://secunia.com/advisories/48102/ powerdns-recursor<3.5 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1193 libxml2<2.7.8nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 csound5<5.16.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270 bugzilla>=4.0.2<4.0.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 bugzilla>=4.1.1<4.2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 contao29<2.9.5nb6 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao210<2.10.4nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao211<2.11.2nb1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 dropbear<2012.55 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920 ruby1{8,9,93}-activesupport>=3<3.0.11nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-activesupport>=3.1.0<3.1.3nb2 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3<3.0.11nb3 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3.1.0<3.1.3nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 postgresql83{,-server,-client}<8.3.18 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql84{,-server,-client}<8.4.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql90{,-server,-client}<9.0.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql91{,-server,-client}<9.1.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ openssl<0.9.8tnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250 p5-XML-Atom<0.39 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1102 taglib<1.7.1 denial-of-service http://secunia.com/advisories/48211/ adobe-flash-plugin>10<11.1.102.63 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html adobe-flash-plugin<10.3.183.16 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html mantis<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/48258/ freetype2<2.4.9 multiple-vulnerabilities http://secunia.com/advisories/48268/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ kadu>=0.9.0<0.11.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1410 jenkins<1.424.5 cross-site-scripting http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb py{24,25,26,27,31}-sqlalchemy<0.7.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0805 ruby{18,19,193}-rails-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activesupport-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activerecord-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionmailer-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activeresource-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack>3<3.0.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 ruby{18,19,193}-actionpack>3.1<3.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 p5-YAML-LibYAML<0.38nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1152 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115 p5-DBD-postgresql<2.19.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151 libxslt<1.1.26nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970 openssl<0.9.8u man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884 openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619 openldap-server<2.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164 python25-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python26<2.6.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python27<2.7.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python31<3.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 gnash-[0-9]* remote-system-access http://secunia.com/advisories/47183/ firefox>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox11 thunderbird>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird11 seamonkey<2.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.8 firefox36<3.6.28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.28 xulrunner>=2<11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner10>=2<10.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner192<1.9.2.28 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html libpurple<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178 pidgin<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939 nginx<1.0.14 sensitive-information-exposure http://secunia.com/advisories/48366/ lshell<0.9.15 security-bypass http://secunia.com/advisories/48367/ lshell<0.9.15.1 security-bypass http://secunia.com/advisories/48424/ libgdata<0.11.1 man-in-the-middle-attack http://secunia.com/advisories/48315/ audacious-plugins<3.1 remote-system-access http://secunia.com/advisories/48439/ gif2png<2.5.8 remote-system-access http://secunia.com/advisories/48437/ quagga<0.99.20.1 multiple-vulnerabilities http://secunia.com/advisories/48388/ asterisk>=1.6<1.6.2.23 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=10.0<10.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html asterisk>=10.0<10.2.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html moodle<2.1.5 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.5_release_notes#Security_issues maradns<2 remote-spoofing http://secunia.com/advisories/48492/ vlc08-[0-9]* remote-system-access http://secunia.com/advisories/48503/ vlc-1.* remote-system-access http://secunia.com/advisories/48503/ vlc>=2<2.0.1 remote-system-access http://secunia.com/advisories/48500/ libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1162 libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1163 inspircd<2.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1836 openoffice3{,-bin}-[0-9]* sensitive-information-exposure http://www.openoffice.org/security/cves/CVE-2012-0037.html libreoffice3-bin<3.4.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 gnutls<2.12.17 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573 libtasn1<2.12 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569 openjpeg<1.5 arbitrary-code-execution http://secunia.com/advisories/48498/ raptor-[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 raptor2<2.0.7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 mediawiki<1.17.3 multiple-vulnerabilities http://secunia.com/advisories/48504/ suse{,32}_openssl<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2006-7250.html opera<11.62 multiple-vulnerabilities http://secunia.com/advisories/48535/ typo3<4.5.14 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ typo3>=4.6.0<4.6.7 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ nginx>=0.1.0<0.7.65 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 nginx>=0.8.0<0.8.22 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-04.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-05.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-06.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-07.html file<5.11 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571 suse{,32}_libpng<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3045.html phppgadmin<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1600 png<1.5.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 adobe-flash-plugin>10<11.2.202.228 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html adobe-flash-plugin<10.3.183.18 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148 suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-0876.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1147.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1148.html jdbc-postgresql80-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql81-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql82-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages csound5-[0-9]* remote-system-access http://secunia.com/advisories/48719/ csound5<5.16.7 remote-system-access http://secunia.com/advisories/48148/ rpm<4.9.1.3 remote-system-access http://secunia.com/advisories/48651/ tiff<4.0.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 suse{,32}_libtiff<12.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 ImageMagick<6.7.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798 ap{2,22}-fcgid>=2.3.6<2.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1181 slock<1.0 local-security-bypass http://secunia.com/advisories/48700/ gajim<0.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2085 gajim<0.15 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ mysql-client>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/48770/ flightgear-[0-9]* buffer-overflow http://secunia.com/advisories/48780/ acroread9<9.5.1 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-08.html samba<3.0.37nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.3<3.3.16nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.5<3.5.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.6<3.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/48743/ ruby1{8,9}-puppet<2.7.13 multiple-vulnerabilities http://secunia.com/advisories/48743/ suse{,32}_openssl<12.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2012-1165.html openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 openssl>=1.0<1.0.0h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 links{,-gui}<2.6 local-system-compromise http://secunia.com/advisories/48689/ gcc<4.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.1nb1 local-system-compromise http://secunia.com/advisories/48805/ gallery>=2.0<2.3.2 cross-site-scripting http://secunia.com/advisories/48767/ gallery>=3.0<3.0.3 cross-site-scripting http://secunia.com/advisories/48767/ suse{,32}_libpng<12.1nb2 local-system-compromise http://support.novell.com/security/cve/CVE-2011-3048.html openjpeg<1.5.0 arbitrary-code-execution http://secunia.com/advisories/48781/ phpmyadmin>=3.4.0<3.4.10.2 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php mysql-server<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-client<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-server>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-client>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-server>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-client>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-server>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-client>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-server>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-client>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-server>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html mysql-client>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html gajim<0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2093 typo3<4.5.15 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ typo3>=4.6.0<4.6.8 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ openssl<0.9.8v denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0<1.0.0i denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0.1<1.0.1a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 php{5,53}-owncloud<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2269 php{5,53}-owncloud<3.0.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2270 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 php{5,53}-owncloud<3.0.2 remote-security-bypass https://seclists.org/fulldisclosure/2012/Apr/223 ruby1{8,9,93}-rubygems<1.8.23 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby19-base<1.9.2pl320 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby193-base<1.9.3p194 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 mysql-server>=5.1<5.1.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1696 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1697 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 apache>=2.0<2.2.22nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 apache>=2.4<2.4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 asterisk>=1.6<1.6.2.24 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.8<1.8.11.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=10.0<10.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.6<1.6.2.24 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=10.0<10.3.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html asterisk>=10.0<10.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html firefox36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner192-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.1nb3 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-0884.html wordpress<3.3.2 multiple-vulnerabilities http://secunia.com/advisories/48957/ firefox10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.4 firefox<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox12 thunderbird10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.4 thunderbird<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12 seamonkey<2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.9 xulrunner<12 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html xulrunner10<10.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html openssl<0.9.8w denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131 net-snmp<5.6.1.1nb3 denial-of-service http://secunia.com/advisories/48938/ ruby1{8,9,93}-mail<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/48970/ python32<3.2.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2135 php{5,53,54,55}-concrete5<5.7.4.2 cross-site-scripting http://secunia.com/advisories/48997/ samba>=3.5<3.5.15 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 drupal>=7<7.13 multiple-vulnerabilities http://secunia.com/advisories/49012/ p5-Config-IniFiles<2.71 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2451 php<5.3.12nb1 sensitive-information-exposure http://secunia.com/advisories/49014/ libpurple<2.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214 adobe-flash-plugin<10.3.183.19 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html adobe-flash-plugin>=11<11.2.202.235 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html php{5,53}-orangehrm<2.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1506 php{5,53}-orangehrm<2.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1507 opera<11.64 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ openssl<0.9.8x denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 drupal<6.27 information-disclosure http://secunia.com/advisories/49131/ drupal>=7.0<7.15 information-disclosure http://secunia.com/advisories/49131/ sympa<6.1.11 multiple-vulnerabilities http://secunia.com/advisories/49045/ pidgin-otr<3.2.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2369 socat<1.7.2.1 remote-system-access http://secunia.com/advisories/49105/ gdk-pixbuf2<2.26.1nb2 remote-system-access http://secunia.com/advisories/49125/ taglib<1.7.2 denial-of-service http://secunia.com/advisories/49159/ libxml2<2.7.8nb10 remote-system-access http://secunia.com/advisories/49177/ openoffice3{,-bin}<3.4 remote-system-access http://secunia.com/advisories/46992/ libreoffice3{,-bin}<3.5.3 remote-system-access http://secunia.com/advisories/47244/ sudo<1.7.9p1 local-security-bypass http://secunia.com/advisories/49219/ ikiwiki<3.20120516 cross-site-scripting http://secunia.com/advisories/49232/ moodle<2.1.6 multiple-vulnerabilities http://secunia.com/advisories/49233/ wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-08.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-09.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-10.html rt<3.8.12 multiple-vulnerabilities http://secunia.com/advisories/49259/ haproxy<1.4.21 arbitrary-code-execution http://secunia.com/advisories/49261/ py{25,26,27,31,32}-crypto<2.6 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2417 apache-ant<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098 py{25,26,27,31,32}-feedparser<5.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544 asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html qemu<1.1.0 local-security-bypass http://secunia.com/advisories/49283/ focal81<0nb1 uses-gets http://gnats.netbsd.org/46510 asterisk<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-pgcrypto<8.4.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql90-pgcrypto<9.0.8 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql91-pgcrypto<9.1.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ ups-nut<2.6.4 denial-of-service http://secunia.com/advisories/49348/ ruby{18,19,193}-activerecord>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ gimp>=2.6.11<2.8.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763 bind>=9.6<9.6.3.1.ESV.7pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.7<9.7.6pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.8<9.8.3pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.9<9.9.1pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 mit-krb5<1.8.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner<13 privilege-escalation http://www.mozilla.org/security/announce/2012/mfsa2012-35.html xulrunner<13 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner<13 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html nss<3.13.5 denial-of-service http://www.mozilla.org/security/announce/2012/mfsa2012-39.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner10<10.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner10<10.0.5 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html firefox10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.5 firefox<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox13 thunderbird10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.5 thunderbird<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13 seamonkey<2.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.10 quagga-[0-9]* denial-of-service http://secunia.com/advisories/49401/ adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html adobe-flash-plugin>=11<11.2.202.236 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html xenkernel33-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel3-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel41<4.1.2nb1 privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 mantis<1.2.11 remote-security-bypass http://secunia.com/advisories/49414/ mysql-server>=5.1<5.1.63 multiple-vulnerabilities http://secunia.com/advisories/49409/ mysql-server>=5.5<5.5.25 multiple-vulnerabilities http://secunia.com/advisories/49409/ sun-{jdk,jre}6<6.0.33 multiple-vulnerabilities http://secunia.com/advisories/49472/ ruby{18,19,193}-activerecord>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ asterisk>=10.0<10.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-009.html contao211<2.11.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2012-4383 mediawiki<1.19.1 cross-site-scripting http://secunia.com/advisories/49484/ opera<12 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unix/1200/ suse{,32}_libxml2<12.1nb2 remote-system-access http://support.novell.com/security/cve/CVE-2011-3102.html ioquake3<1.36.20200125 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3345 tiff<4.0.2 arbitrary-code-execution http://secunia.com/advisories/49493/ ap{2,22}-modsecurity{,2}<2.6.6 remote-security-bypass http://secunia.com/advisories/49576/ apache-roller<5.0.1 cross-site-scripting http://secunia.com/advisories/49593/ mini_httpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4490 thttpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4491 wordpress<3.4.1 multiple-vulnerabilities http://wordpress.org/news/2012/06/wordpress-3-4-1/ typo3<4.5.17 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.6.0<4.6.10 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.7.0<4.7.2 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2088.html suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2113.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html libpurple<2.10.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374 at-spi2-atk<2.5.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3378 mono<2.10.9nb12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382 vlc<2.0.2 remote-system-access http://secunia.com/advisories/49835/ libreoffice3{,-bin}<3.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 ruby1{8,9}-puppet<2.7.18 multiple-vulnerabilities http://secunia.com/advisories/49863/ libexif<0.6.21 multiple-vulnerabilities http://secunia.com/advisories/49857/ bash>4.2<4.2nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 tcl-snack-[0-9]* remote-system-access http://secunia.com/advisories/49889/ openjpeg<1.5.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3358 moodle<2.1.7 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.7_release_notes firefox10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.6 firefox<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox14 thunderbird10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.6 thunderbird<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14 seamonkey<2.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.11 xulrunner<14 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html xulrunner10<10.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html tiff<4.0.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-3401.html php<5.3.15 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3365 nsd<3.2.12 denial-of-service http://secunia.com/advisories/49795/ suse{,32}_gtk2<12.1nb2 remote-system-access http://secunia.com/advisories/49983/ wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-11.html wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-12.html contao211<2.11.5 information-leak https://github.com/contao/core/issues/4535 squidclamav<6.7 denial-of-service https://secunia.com/advisories/49057/ isc-dhcp<4.2.4p1 multiple-vulnerabilities https://secunia.com/advisories/50018/ bind>=9.6<9.6.3.1.ESV.7pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.7<9.7.6pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.8<9.8.3pl2nb1 denial-of-service http://secunia.com/advisories/50020/ bind>=9.9<9.9.1pl2 denial-of-service http://secunia.com/advisories/50020/ RTFM<2.4.4 cross-site-scripting http://secunia.com/advisories/50024/ bugzilla>=2.17.5<3.6.10 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=3.7.1<4.0.7 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.1.1<4.2.2 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.3.1<4.3.2 sensitive-information-exposure https://secunia.com/advisories/50040/ ganglia-webfrontend>=3.1.7<3.5.1 remote-code-execution https://secunia.com/advisories/50047/ ruby{18,19,193}-actionpack>=3<3.0.16 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.1<3.1.7 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.2<3.2.7 denial-of-service https://secunia.com/advisories/48682/ Transmission<2.61 cross-site-scripting https://secunia.com/advisories/50027/ xenkernel33<3.3.2nb6 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html xenkernel41<4.1.2nb3 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html openttd<1.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3436 libxml2<2.8.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807 suse{,32}_libxml2<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-2807.html ImageMagick<6.7.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3437 GraphicsMagick<1.3.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438 openldap-client<2.4.32 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668 py{25,26,27,31,32}-django<1.4.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444 mit-krb5>=1.8<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014 mit-krb5>=1.10<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445 suse{,32}_libjpeg<12.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2806.html icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422 icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423 suse{,32}_libpng<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-3425.html libreoffice3-bin<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 libreoffice<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 opera<12.01 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1025/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1026/ opera<12.01 remote-code-execution http://www.opera.com/support/kb/view/1027/ ntop<5.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4165 openoffice3<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 openoffice3-bin<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 phpmyadmin>=3.5<3.5.2.1 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php koffice<2.3.3 buffer-overflow http://secunia.com/advisories/50199/ gnome-screensaver>=3.4.2<3.4.4 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3452 emacs24{,-nox11}<24.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 emacs{,-nox11}>23.1<23.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 typo3<4.5.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.6.0<4.6.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.7.0<4.7.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ adobe-flash-plugin<11.2.202.238 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-18.html php{5,53}-owncloud<4.0.6 multiple-vulnerabilities http://secunia.com/advisories/49894/ php{5,53}-owncloud<4.0.7 multiple-vulnerabilities http://secunia.com/advisories/50214/ acroread9-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/50290/ fetchmail<6.3.21nb1 multiple-vulnerabilities http://www.fetchmail.info/fetchmail-SA-2012-02.txt fetchmail<6.3.22 information-disclosure http://www.fetchmail.info/fetchmail-SA-2012-01.txt ruby{18,19,193}-rails<3.0.17 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.1<3.1.8 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.2<3.2.8 cross-site-scripting http://secunia.com/advisories/50128/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/50272/ wireshark<1.6.10 multiple-vulnerabilities http://secunia.com/advisories/50276/ postgresql83-server<8.3.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql84-server<8.4.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql90-server<9.0.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql91-server<9.1.5 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ phpmyadmin>=3.4<3.5.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php nss<3.13.4 denial-of-service http://secunia.com/advisories/49288/ xenkernel41<4.1.2nb4 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html gimp<2.8.0nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481 gimp<2.8.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403 tinyproxy<1.8.3nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-3505 inn<2.5.3 remote-data-manipulation http://secunia.com/advisories/50320/ apache>=2.4<2.4.3 multiple-vulnerabilities http://httpd.apache.org/security/vulnerabilities_24.html#2.4.3 adobe-flash-plugin<11.2.202.238 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-19.html gnugk<3.1 unknown http://secunia.com/advisories/50343/ jabberd>=2<2.2.17 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3525 xetex<0.9998 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 firefox10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7 firefox<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox15 thunderbird10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.7 thunderbird<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15 seamonkey<2.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.12 xulrunner<15 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html xulrunner10<10.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html openjpeg<1.5.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535 mono<2.10.9nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543 asterisk>=1.8<1.8.15.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=10.0<10.7.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=1.8<1.8.15.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html asterisk>=10.0<10.7.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html opera<12.02 arbitrary-code-execution http://www.opera.com/support/kb/view/1028/ sun-{jdk,jre}6<6.0.35 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681 mediawiki<1.19.2 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html bugzilla>=2.12<3.6.10 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=3.7.1<4.0.7 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.1.1<4.2.2 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.3.1<4.3.2 information-disclosure http://secunia.com/advisories/50433/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50468/ wireshark<1.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 wireshark>=1.8.0<1.8.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 py{25,26,27,31,32}-moin<1.9.5 remote-security-bypass http://secunia.com/advisories/50496/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/50133/ php{53,54}-concrete5<5.6.0 multiple-vulnerabilities http://secunia.com/advisories/50001/ xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html qemu<1.2.0 privilege-escalation http://secunia.com/advisories/50461/ php{53,54}-tiki6>=8<8.5 unknown-impact http://secunia.com/advisories/50488/ mcrypt<2.6.8nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4409 webmin<1.600 multiple-vulnerabilities http://secunia.com/advisories/50512/ xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html wordpress<3.4.2 remote-security-bypass http://wordpress.org/news/2012/09/wordpress-3-4-2/ freeradius>=2<2.1.12nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 openslp<1.2.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428 tor<0.2.2.39 denial-of-service http://secunia.com/advisories/50578/ vino-[0-9]* information-disclosure http://secunia.com/advisories/50527/ isc-dhcp<4.2.4p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 bacula<5.2.11 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-4430 apache>=2.2<2.2.23 multiple-vulnerabilities http://www.apache.org/dist/httpd/Announcement2.2.html bind>=9.6<9.6.3.1.ESV.7pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.7<9.7.6pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.8<9.8.3pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.9<9.9.1pl3 denial-of-service https://kb.isc.org/article/AA-00778 dbus>=1.5<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3524 xmlrpc-c-ss>=1.26<1.32 denial-of-service http://secunia.com/advisories/50648/ moodle<2.1.8 multiple-vulnerabilities http://secunia.com/advisories/50588/ optipng<0.7.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4432 jenkins<1.466.2 multiple-vulnerabilities http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb gnupg<1.4.12 remote-spoofing http://secunia.com/advisories/50639/ gnupg2<2.0.19 remote-spoofing http://secunia.com/advisories/50639/ wordpress<3.5 cross-site-scripting http://secunia.com/advisories/50715/ ghostscript<8.71nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405 ap{2,22}-rpaf<0.6 denial-of-service http://secunia.com/advisories/50400/ libxslt<1.1.27 multiple-vulnerabilities http://secunia.com/advisories/50864/ wireshark<1.8.3 multiple-vulnerabilities http://secunia.com/advisories/50843/ apache-tomcat-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.8 firefox<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16 thunderbird10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.8 thunderbird<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16 seamonkey<2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13 xulrunner<16 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html xulrunner10<10.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html bind>=9.6<9.6.3.1.ESV.7pl4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.7<9.7.7 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.8<9.8.4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.9<9.9.2 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 thunderbird10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16.0.1 thunderbird<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1 seamonkey<2.13.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13.1 xulrunner<16.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-88.html adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.243 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html phpmyadmin>=3.5<3.5.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php phpmyadmin>=3.5<3.5.3 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php xlockmore-lite>=5.0<5.38nb2 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore-lite>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.0<5.38nb7 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 awstats<7.1 cross-site-scripting http://awstats.sourceforge.net/docs/awstats_changelog.txt sun-{jdk,jre}6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/50949/ drupal>=7.0<7.16 multiple-vulnerabilities http://drupal.org/node/1815912 ruby18-base<1.8.7.370nb2 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ruby193-base<1.9.3p286 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50963/ ap{2,22}-modsecurity{,2}<2.7.0 remote-security-bypass http://secunia.com/advisories/49853/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/51029/ py{25,26,27,31,32}-django<1.4.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 suse{,32}_libtiff<12.1nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 viewvc<1.1.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533 exim<4.80.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671 php{53,54}-tiki6<6.8 remote-system-access https://secunia.com/advisories/51067/ rt<3.8.15 multiple-vulnerabilities https://secunia.com/advisories/51062/ firefox<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html firefox10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html seamonkey<2.13.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html RTFM<2.4.5 security-bypass https://secunia.com/advisories/51062/ webkit-gtk<1.8.3 multiple-vulnerabilities https://secunia.com/advisories/51070/ kdelibs4<4.10.2 multiple-vulnerabilities https://secunia.com/advisories/51097/ suse{,32}_gtk2<12.1nb4 multiple-vulnerabilities https://secunia.com/advisories/51170/ tiff<4.0.3nb1 buffer-overflow https://secunia.com/advisories/51133/ pgbouncer<1.5.3 denial-of-service https://secunia.com/advisories/51128/ mysql-server>=5.1<5.1.66 multiple-vulnerabilities http://secunia.com/advisories/51008/ mysql-server>=5.5<5.5.28 multiple-vulnerabilities http://secunia.com/advisories/51008/ libproxy<0.3.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505 libproxy<0.3.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5580 wbm-passwd<1.605 cross-site-scripting https://secunia.com/advisories/51201/ typo3<4.5.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.6.0<4.6.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.7.0<4.7.6 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ ruby193-base<1.9.3p327 security-bypass http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/ opera<12.10 multiple-vulnerabilities http://secunia.com/advisories/51183/ adobe-flash-plugin<10.3.183.43 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.251 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html apache-tomcat<5.5.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=7<7.0.30 multiple-vulnerabilities http://secunia.com/advisories/51138/ gegl<0.2.0nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433 icedtea-web<1.2.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540 weechat<0.3.9.1 remote-system-access http://secunia.com/advisories/51231/ gajim<0.15.3 remote-spoofing http://secunia.com/advisories/51209/ roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6130 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6131 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6132 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6133 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel41<4.1.3nb1 denial-of-service http://secunia.com/advisories/51200/ xmlrpc-c-ss<1.16.42 unknown-impact http://xmlrpc-c.sourceforge.net/change_super_stable.html moodle<2.1.9 multiple-vulnerabilities http://secunia.com/advisories/51243/ openvas-server<3.0.4 remote-system-access http://secunia.com/advisories/49128/ mantis<1.2.12 sensitive-information-exposure http://secunia.com/advisories/51300/ weechat<0.3.9.2 remote-system-access http://secunia.com/advisories/51294/ horde<4.0.9 cross-site-scripting http://secunia.com/advisories/51233/ kronolith<3.0.18 cross-site-scripting http://secunia.com/advisories/51233/ firefox10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.11 firefox<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox17 thunderbird10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.11 thunderbird<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17 seamonkey<2.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.14 xulrunner<17 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html xulrunner10<10.0.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html opera<12.11 multiple-vulnerabilities http://secunia.com/advisories/51331/ lighttpd-1.4.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533 php{53,54}-owncloud<4.5.2 multiple-vulnerabilities http://secunia.com/advisories/51357/ jenkins<1.480.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20 tor<0.2.3.25 denial-of-service http://secunia.com/advisories/51329/ libssh<0.53 multiple-vulnerabilities http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/51343/ mediawiki<1.19.3 multiple-vulnerabilities http://secunia.com/advisories/51424/ wireshark<1.8.4 multiple-vulnerabilities http://secunia.com/advisories/51422/ dovecot>=2<2.1.11 denial-of-service http://secunia.com/advisories/51455/ mysql-server>=5.1<5.1.67 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612 mysql-server>=5.1<5.5 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 mysql-server>=5.5<5.6 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00828 bind>=9.9<9.9.2pl1 denial-of-service https://kb.isc.org/article/AA-00828 opera<12.12 multiple-vulnerabilities http://secunia.com/advisories/51462/ apache-tomcat>=7.0<7.0.31 multiple-vulnerabilities http://secunia.com/advisories/51425/ apache-tomcat>=6.0<6.0.35 multiple-vulnerabilities http://secunia.com/advisories/51425/ p5-Locale-Maketext<1.23 arbitrary-code-execution http://secunia.com/advisories/51498/ perl<5.14.2nb6 arbitrary-code-execution http://secunia.com/advisories/51498/ perl>=5.16.1<5.16.2nb1 arbitrary-code-execution http://secunia.com/advisories/51498/ bogofilter<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5468 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51397/ gimp<2.8.2nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576 mupdf<1.1 remote-system-access https://nvd.nist.gov/vuln/detail/CVE-2012-5340 adobe-flash-plugin<10.3.183.48 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html adobe-flash-plugin>=11<11.2.202.258 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html ffmpeg<20121209.1.0.1nb1 remote-system-access http://secunia.com/advisories/51464/ libxml2<2.9.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 suse{,32}_libxml2<12.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 squid<2.7.9nb5 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt squid>=3.1<3.1.23 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652 drupal<6.27 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 drupal>=7.0<7.18 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal>=7.0<7.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 isearch<1.47.01nb1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2012-5663 nagios-base<3.4.4 arbitrary-code-execution http://secunia.com/advisories/51537/ tiff<4.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 qt4-libs<4.8.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624 horde-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imp-4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages turba-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ingo-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kronolith-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-tiki6<6.9 remote-system-access http://secunia.com/advisories/51650/ php{53,54}-owncloud<4.5.5 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5665 php{53,54}-owncloud<4.5.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5666 grep<2.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5667 freetype2<2.4.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670 elinks>0.11<0.12rc6 remote-security-bypass http://bugzilla.elinks.cz/show_bug.cgi?id=1124 vlc<2.0.5 buffer-overflow http://secunia.com/advisories/51692/ gnupg<1.4.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 asterisk>=1.8<1.8.19.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=10.0<10.11.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=11.0<11.1.2 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=1.8<1.8.19.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=10.0<10.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=11.0<11.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html py{26,27}-moin<1.9.6 multiple-vulnerabilities http://secunia.com/advisories/51663/ swi-prolog<6.2.5 buffer-overflow http://secunia.com/advisories/51709/ rpm>=4.10.0<4.10.2 security-bypass http://secunia.com/advisories/51706/ ruby{18,19,193}-activerecord>3.0<3.0.18 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.1<3.1.9 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.2<3.2.10 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.0<3.0.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.1<3.1.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.2<3.2.11 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activesupport>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 php{53,54}-concrete5<5.6.0.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5181 proftpd<1.3.4c privilege-elevation http://bugs.proftpd.org/show_bug.cgi?id=3841 jenkins<1.480.2 multiple-vulnerabilities http://secunia.com/advisories/51712/ nginx<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968 firefox10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.12 firefox<18 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox18 thunderbird10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.12 thunderbird<17.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2 seamonkey<2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.15 xulrunner<18 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html xulrunner10<10.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html adobe-flash-plugin<10.3.183.50 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html adobe-flash-plugin>=11<11.2.202.261 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966 sun-{jdk,jre}7<7.0.11 remote-system-access http://secunia.com/advisories/51820/ xenkernel41<4.1.4 denial-of-service http://secunia.com/advisories/51734/ ettercap<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ ettercap-NG<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ acroread9<9.5.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-02.html gnupg2<2.0.19nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 couchdb<1.2.1 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5649 couchdb<1.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5650 drupal<6.28 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 drupal>=7.0<7.19 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 mysql-server>=5.1<5.1.67 multiple-vulnerabilities http://secunia.com/advisories/51894/ mysql-server>=5.5<5.5.29 multiple-vulnerabilities http://secunia.com/advisories/51894/ xentools41<4.1.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 atheme-[0-9]* denial-of-service http://secunia.com/advisories/51852/ mantis<1.2.13 cross-site-scripting http://secunia.com/advisories/51853/ moodle<2.3.4 multiple-vulnerabilities http://secunia.com/advisories/51842/ php{53,54}-owncloud<4.5.6 multiple-vulnerabilities http://secunia.com/advisories/51872/ suse{,32}_qt4<12.1nb1 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-4929.html suse{,32}_qt4<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2012-5624.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5668.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5669.html py{25,26,27,31,32}-django-cms<2.3.5 script-insertion http://secunia.com/advisories/51953/ wordpress<3.5.1 multiple-vulnerabilities http://secunia.com/advisories/51967/ bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00855 bind>=9.9<9.9.2pl1nb2 denial-of-service https://kb.isc.org/article/AA-00855 ruby{18,19,193}-activesupport>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ruby{18,19,193}-activemodel>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ffmpeg>=20121018.1.0.0<20130121.1.0.2 multiple-vulnerabilities http://secunia.com/advisories/51964/ ffmpeg>=20130128.1.1.0<20130120.1.1.1 multiple-vulnerabilities http://secunia.com/advisories/51975/ libupnp<1.6.18 buffer-overflow http://secunia.com/advisories/51949/ libssh<0.54 null-dereference http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/ libvirt<1.0.2 arbitrary-code-execution http://secunia.com/advisories/52003/ wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-01.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-02.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-03.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-04.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-05.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-06.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-07.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-08.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-09.html opera<12.13 multiple-vulnerabilities http://secunia.com/advisories/52005/ vlc<2.0.5nb2 buffer-overflow http://secunia.com/advisories/51995/ ircd-hybrid<7.2.3nb6 denial-of-service http://secunia.com/advisories/51948/ latd>=1.25<1.31 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0251 samba<3.5.21 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba>=3.6<3.6.12 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba<3.5.21 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 samba>=3.6<3.6.12 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 miniupnpd<1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0229 samba<3.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}6<6.0.39 multiple-vulnerabilities http://secunia.com/advisories/52064/ sun-{jdk,jre}7<7.0.13 multiple-vulnerabilities http://secunia.com/advisories/52064/ ruby193-base<1.9.3p385 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby{18,19,193}-rdoc<3.12.1 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby19-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41<4.1.4nb4 denial-of-service http://secunia.com/advisories/52055/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51881/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51881/ openssl<0.9.8y multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt openssl>=1.0.0<1.0.1d multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt qt4-libs<4.8.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254 curl>=7.26.0<7.28.1nb3 remote-system-access http://secunia.com/advisories/52103/ openssl-1.0.1d{,nb1} data-corruption http://www.mail-archive.com/openssl-dev@openssl.org/msg32009.html ruby{18,193}-rack<1.2.8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.3<1.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262 roundcube<0.8.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6121 postgresql83-server<8.3.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql84-server<8.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql90-server<9.0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql91-server<9.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql92-server<9.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 polarssl<1.2.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 gnutls<3.0.28 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619 ffmpeg<20130206.1.1.2 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0862 ffmpeg<20130206.1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0863 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0864 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0865 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0866 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0867 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0869 ffmpeg010<0.10.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ruby1{8,93}-puppet<2.7.1 multiple-vulnerabilities http://secunia.com/advisories/52127/ adobe-flash-plugin<10.3.183.51 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html adobe-flash-plugin>=11<11.2.202.262 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html ruby{18,193}-activerecord<3.1.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-activerecord>3.2<3.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-rails<3.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277 ruby{18,193}-json<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby{18,193}-json-pure<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby193-base<1.9.3p385nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ganglia-webfrontend-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275 adobe-flash-plugin<10.3.183.61 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html adobe-flash-plugin>=11<11.2.202.270 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271 libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274 openjdk7{,-bin}<1.7.12 multiple-vulnerabilities http://secunia.com/advisories/52154/ sun-{jdk,jre}6-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jenkins<1.480.3 multiple-vulnerabilities http://secunia.com/advisories/52236/ lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 firefox10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html firefox17<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.3 firefox<19 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19 thunderbird10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html thunderbird<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3 seamonkey<2.16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16 xulrunner10-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner17<17.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner<19 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html firefox10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dbus-glib<0.100.1 privilege-escalation http://secunia.com/advisories/52225/ sun-{jdk,jre}6<6.0.41 multiple-vulnerabilities http://secunia.com/advisories/52257/ sun-{jdk,jre}7<7.0.15 multiple-vulnerabilities http://secunia.com/advisories/52257/ py{25,26,27,31,32}-django<1.4.4 multiple-vulnerabilities http://secunia.com/advisories/52243/ ruby193-base<1.9.3p392 denial-of-service http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/ drupal>=7.0<7.20 denial-of-service http://drupal.org/SA-CORE-2013-002 geeklog<1.8.2.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.8.2sr1 acroread9<9.5.4 remote-system-access http://www.adobe.com/support/security/advisories/apsa13-02.html php{53,54}-owncloud<4.5.7 multiple-vulnerabilities http://secunia.com/advisories/52303/ hplip{,3}<3.11.10 multiple-vulnerabilities http://secunia.com/advisories/42956/ openjdk7{,-bin}<1.7.13 multiple-vulnerabilities http://secunia.com/advisories/52257/ php{53,54}-piwigo<2.4.7 cross-site-request-forgery http://secunia.com/advisories/52228/ bugzilla>=2.0<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=3.7.1<4.0.10 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.1.1<4.2.5 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.3.1<4.4rc2 multiple-vulnerabilities http://secunia.com/advisories/52254/ suse{,32}_openssl<12.1nb4 multiple-vulnerabilities http://secunia.com/advisories/52292/ apache-maven<3.0.5 man-in-the-middle-attack http://secunia.com/advisories/52381/ mit-krb5>=1.6.3<1.10.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415 mit-krb5>=1.6.3<1.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016 scmgit-base<1.8.1.4 man-in-the-middle-attack http://secunia.com/advisories/52361/ apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 sudo<1.7.10p6 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790 adobe-flash-plugin<10.3.183.67 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html adobe-flash-plugin>=11<11.2.202.273 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338 libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339 openafs<1.6.2 multiple-vulnerabilities https://www.openafs.org/security/OPENAFS-SA-2013-001.txt openafs<1.6.2 denial-of-service https://www.openafs.org/security/OPENAFS-SA-2013-002.txt sun-{jdk,jre}6<6.0.43 multiple-vulnerabilities http://secunia.com/advisories/52451/ sun-{jdk,jre}7<7.0.17 multiple-vulnerabilities http://secunia.com/advisories/52451/ ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0872 ffmpeg<20130223.1.1.3 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0873 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0874 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0875 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0876 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0877 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0878 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2276 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2277 ruby{18,193}-extlib<0.9.16 remote-system-access http://secunia.com/advisories/52440/ stunnel<4.55 multiple-vulnerabilities http://secunia.com/advisories/52460/ perl<5.16.2nb4 denial-of-service http://secunia.com/advisories/52472/ mediawiki<1.20.3 multiple-vulnerabilities http://secunia.com/advisories/52485/ typo3<4.5.24 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.6.0<4.6.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.7.0<4.7.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ php53-soap<5.3.22 sensitive-information-exposure http://secunia.com/advisories/52377/ php54-soap<5.4.12 sensitive-information-exposure http://secunia.com/advisories/52377/ icu<50.1.1 unknown-impact http://secunia.com/advisories/52511/ suse{,32}_qt4<12.1nb3 local-security-bypass http://support.novell.com/security/cve/CVE-2013-0254.html openjdk7{,-bin}<1.7.16 multiple-vulnerabilities http://secunia.com/advisories/52490/ wireshark<1.8.6 denial-of-service http://secunia.com/advisories/52471/ firefox17<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.4 firefox<19.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19.0.2 thunderbird<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.4 seamonkey<2.16.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16.1 webkit-gtk<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 webkit-gtk3<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 adobe-flash-plugin<10.3.183.68 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html adobe-flash-plugin>=11<11.2.202.275 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1640/ ruby1{8,9,93}-puppet<3.1.1 insufficient-input-validation http://puppetlabs.com/security/cve/CVE-2013-1652/ ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1653/ ruby1{8,9,93}-puppet<3.1.1 weak-cryptography http://puppetlabs.com/security/cve/CVE-2013-1654/ ruby193-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1655/ ruby1{8,9,93}-puppet<2.6.18 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-2274/ ruby1{8,9,93}-puppet<3.1.1 remote-security-bypass http://puppetlabs.com/security/cve/CVE-2013-2275/ squid>=3.2<3.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1839 php{53,54}-owncloud<4.5.8 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1851 clamav<0.97.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7088 clamav<0.97.7 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7087 clamav<0.97.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-7089 ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ mysql-server>=5.1<5.1.70 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.5<5.5.32 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.6<5.6.12 denial-of-service http://secunia.com/advisories/52639/ ruby{18,19,193}-ruby-activerecord<3.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855 ruby{18,19,193}-ruby-activesupport<3.2.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857 djvulibre-lib<3.5.25.3 remote-code-execution http://secunia.com/advisories/52697/ ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/52673/ py{25,26,27,31,32}-pip<1.3 insecure-temp-files http://secunia.com/advisories/52674/ x3270<3.3.12ga12 man-in-the-middle-attack http://secunia.com/advisories/52650/ mysql-client>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-server>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-client>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ mysql-server>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ tnftpd<20130322 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418 se<3.0.1 local-command-inject http://se-editor.org/security/SE-SA-2013-001.txt asterisk>=11.0<11.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2013-001.html asterisk>=1.8<1.8.20.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=10.0<10.12.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=11.0<11.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=1.8<1.8.20.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=10.0<10.12.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=11.0<11.2.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html moodle>=2.3<2.3.5 multiple-vulnerabilities http://secunia.com/advisories/52691/ moodle>=2.4<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/52691/ libxslt<1.1.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139 roundcube<0.8.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1904 bind>=9.7<9.7.7nb5 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.8<9.8.4pl2 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.9<9.9.2pl2 denial-of-service https://kb.isc.org/article/AA-00871 pixman<0.28.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1591 ap{2,22}-modsecurity{,2}<2.7.3 sensitive-information-exposure http://secunia.com/advisories/52847/ firefox17<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.5 firefox<20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox20 thunderbird<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5 seamonkey<2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.17 xulrunner17<17.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html xulrunner<20 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454 postgresql83-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-server<8.4.17 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql90-server<9.0.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql91-server<9.1.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql92-server<9.2.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ opera<12.15 multiple-vulnerabilities http://secunia.com/advisories/52859/ haproxy<1.4.23 denial-of-service http://secunia.com/advisories/52725/ php{53,54}-owncloud<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/52833/ mantis<1.2.15 cross-site-scripting http://secunia.com/advisories/52843/ mantis<1.2.14 cross-site-scripting http://secunia.com/advisories/52883/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/52857/ xenkernel41<4.1.4nb2 privilege-escalation http://secunia.com/advisories/52857/ ap{2,22}-subversion<1.7.9 denial-of-service http://secunia.com/advisories/52966/ adobe-flash-plugin<10.3.183.75 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html adobe-flash-plugin>=11<11.2.202.280 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html php{53,54}-owncloud<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942 php{53,54}-owncloud<5.0.4 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1941 php{53,54}-owncloud<5.0.4 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1939 curl<7.30 remote-information-disclosure http://secunia.com/advisories/53051/ suse{,32}_libcurl<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2013-1944.html mediawiki<1.20.4 multiple-vulnerabilities http://secunia.com/advisories/53054/ qemu<1.4.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922 mit-krb5<1.10.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416 xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html libxml2<2.9.0nb3 multiple-vulnerabilities http://secunia.com/advisories/53061/ suse{,32}_libxml2<12.1nb6 multiple-vulnerabilities http://support.novell.com/security/cve/CVE-2013-1969.html sun-{jdk,jre}6<6.0.45 multiple-vulnerabilities http://secunia.com/advisories/53008/ sun-{jdk,jre}7<7.0.21 multiple-vulnerabilities http://secunia.com/advisories/53008/ icedtea-web<1.2.3 multiple-vulnerabilities http://secunia.com/advisories/53109/ mysql-server>=5.1<5.1.69 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.5<5.5.31 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.6<5.6.11 multiple-vulnerabilities http://secunia.com/advisories/53022/ php{53,54}-owncloud<5.0.5 multiple-vulnerabilities http://secunia.com/advisories/53118/ libxmp<4.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1980 tinc<1.0.21 remote-system-access http://secunia.com/advisories/53108/ phpmyadmin<3.5.8 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php phpmyadmin<3.5.8.1 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php clamav<0.97.8 multiple-vulnerabilities http://secunia.com/advisories/53150/ mediawiki<1.20.5 multiple-vulnerabilities http://secunia.com/advisories/53284/ memcached<1.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971 jenkins<1.509.1 multiple-vulnerabilities http://secunia.com/advisories/53286/ jenkins<1.514 multiple-vulnerabilities http://secunia.com/advisories/53286/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53187/ nginx>=1.3.9<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028 abcmidi<20130430 arbitrary-code-execution http://secunia.com/advisories/53318/ qemu<1.4.2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007 telepathy-idle<0.1.16 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6746 mit-krb5<1.10.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 mit-krb5>=1.10.5<1.10.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 firefox17<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.6 firefox<21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox21 thunderbird<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6 xulrunner17<17.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html xulrunner<21 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html tiff<4.0.3nb3 multiple-vulnerabilities http://secunia.com/advisories/53237/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53312/ apache-tomcat>=7<7.0.33 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544 adobe-flash-plugin<10.3.183.86 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html php{53,54}-owncloud<5.0.6 multiple-vulnerabilities http://secunia.com/advisories/53392/ ruby193-base<1.9.3p429 local-security-bypass http://secunia.com/advisories/53432/ acroread9<9.5.5 multiple-vulnerabilities https://www.adobe.com/support/security/bulletins/apsb13-15.html libvirt>1.0.0 denial-of-service http://secunia.com/advisories/53440/ wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 moodle<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/52522/ dovecot>=2<2.2.2 denial-of-service http://secunia.com/advisories/53492/ suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1960.html suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1961.html xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 rt<3.8.17 multiple-vulnerabilities http://secunia.com/advisories/53522/ rt>=4<4.0.13 multiple-vulnerabilities http://secunia.com/advisories/53522/ transifex-client<0.9 ssl-certificate-spoofing http://secunia.com/advisories/53413/ xf86-video-openchrome<0.3.3 buffer-overflow http://secunia.com/advisories/53424/ MesaLib<7.11.2nb3 multiple-vulnerabilities http://secunia.com/advisories/53558/ libXinerama<1.1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985 libXtst<1.2.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86vm<1.1.3 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXvmc<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86dga<1.1.4 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXext<1.3.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXfixes<5.0.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXp<1.0.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libFS<1.0.5 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrender<0.9.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrandr<1.4.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXt<1.1.4 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXres<1.0.7 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXv<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXcursor<1.1.14 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libxcb<1.9.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libX11<1.5.99.902 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libraw<0.15.2 remote-system-access http://secunia.com/advisories/53547/ ap{2,22}-modsecurity{,2}<2.7.4 denial-of-service http://secunia.com/advisories/53535/ apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 apache>=2.2<2.2.24nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 gnutls>=2.12.23<3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116 telepathy-gabble<0.16.6 remote-security-bypass http://www.secunia.com/advisories/53626/ subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt bind>=9.6.3.1.ESV.9<9.6.3.1.ESV.9pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.8.5<9.8.5pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.9.3<9.9.3pl1 denial-of-service https://kb.isc.org/article/AA-00967 suse{,32}<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149 php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2150 php>=5.3<5.3.26 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 php>=5.4<5.4.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 MesaLib<10 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872 xenkernel41<4.1.6.1 multiple-vulnerabilities http://secunia.com/advisories/53591/ xenkernel42<4.2.3 multiple-vulnerabilities http://secunia.com/advisories/53591/ wireshark<1.8.8 multiple-vulnerabilities http://secunia.com/advisories/53762/ adobe-flash-plugin<10.3.183.90 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html wordpress<3.5.2 denial-of-service http://secunia.com/advisories/53676/ xenkernel20-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel3-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel41<4.1.6.1 privilege-escalation http://secunia.com/advisories/53686/ xenkernel42<4.2.3 privilege-escalation http://secunia.com/advisories/53686/ ffmpeg<20130510-1.2.1 multiple-vulnerabilities http://secunia.com/advisories/53825/ dbus<1.6.12 denial-of-service http://secunia.com/advisories/53317/ haproxy<1.4.24 denial-of-service http://secunia.com/advisories/53803/ firefox17<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.7 firefox<22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox22 thunderbird<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.7 xulrunner17<17.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html xulrunner<22 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html acroread9-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xml-security-c<1.7.1 remote-spoofing http://santuario.apache.org/secadv.data/CVE-2013-2153.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2154.txt xml-security-c<1.7.1 denial-of-service http://santuario.apache.org/secadv.data/CVE-2013-2155.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2156.txt ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/53766/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/53766/ #ffmpeg2 not affected by http://secunia.com/advisories/53766/ sun-{jdk,jre}6<6.0.51 multiple-vulnerabilities http://secunia.com/advisories/53846/ sun-{jdk,jre}7<7.0.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ openjdk7{,-bin}<1.7.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ vlc<2.0.7 multiple-vulnerabilities http://www.videolan.org/vlc/releases/2.0.7.html xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 curl>=7.7<7.30.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 xml-security-c<1.7.2 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2210.txt xenkernel41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 xenkernel42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 ruby18-base<1.8.7.374 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby193-base<1.9.3p448 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby18-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery<3.0.8 cross-site-scripting http://secunia.com/advisories/53664/ gallery<3.0.9 unknown http://secunia.com/advisories/53964/ libzrtpcpp<3.2.0 multiple-vulnerabilities http://secunia.com/advisories/53818/ ruby1{8,9,93}-puppet<3.2.2 remote-system-access http://puppetlabs.com/security/cve/CVE-2013-3567/ libvirt<1.1.0 denial-of-service http://secunia.com/advisories/53969/ salt<0.15.1 multiple-vulnerabilities http://secunia.com/advisories/53958/ libXi<1.7.2 multiple-vulnerabilities http://www.debian.org/security/2013/dsa-2683 mantis<1.2.15 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=249 quagga<0.99.22.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236 suse{,32}_libcurl<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2174.html libkdcraw-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2126 suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2062.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1981.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1997.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2004.html ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54044/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54044/ #ffmpeg2 not affected by http://secunia.com/advisories/54044/ subversion16{,-base}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adove-flash-plugin-10.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adobe-flash-plugin>=11<11.2.202.297 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-17.html vlc<2.0.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245 libxml2>2.8.0<2.9.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 squid<3.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115 php<5.3.27 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 nagstamon<0.9.10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4114 squid<3.3.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2013_3.txt apache<2.2.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896 apache-ant<1.9.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54164/ moodle<2.5.1 multiple-vulnerabilities http://secunia.com/advisories/54130/ cyrus-saslauthd<2.1.26nb2 denial-of-service http://secunia.com/advisories/54098/ php{53,54,55}-tiki6<6.12 multiple-vulnerabilities http://secunia.com/advisories/54149/ openoffice3-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openoffice3-bin-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openafs<1.6.5 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt openafs>=1.7<1.7.26 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/53797/ libvirt-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54169/ apache>=2.4<2.4.6 multiple-vulnerabilities http://secunia.com/advisories/54241/ php>=5.4<5.4.17nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 icedtea-web<1.5prenb3 multiple-vulnerabilities http://secunia.com/advisories/53846/ minidlna<1.1.0 sql-injection http://secunia.com/advisories/54127/ wireshark<1.8.9 multiple-vulnerabilities http://secunia.com/advisories/54296/ wireshark>=1.9<1.10.1 multiple-vulnerabilities http://secunia.com/advisories/54296/ phpmyadmin<3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php phpmyadmin<=3.5.8.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php phpmyadmin>=4<4.0.4.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php bind>=9.8<9.8.5pl2 denial-of-service https://kb.isc.org/article/AA-01016 bind>=9.9<9.9.3pl2 denial-of-service https://kb.isc.org/article/AA-01016 py{26,27,32,33}-django<1.6 sensitive-information-exposure http://secunia.com/advisories/54197/ gnupg<1.4.14 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 libgcrypt<1.5.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 typo3<4.5.29 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=4.7<4.7.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.0<6.0.8 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.1<6.1.3 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ libvirt-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4153 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154 apache-2.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba<3.5.22 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 samba>3.6<3.6.17 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 putty<0.62nb10 heap-overflow http://secunia.com/advisories/54354/ php{53,54}-owncloud<5.0.8 cross-site-scripting http://secunia.com/advisories/54357/ firefox<23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox23 firefox17<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8 thunderbird<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.8 seamonkey<2.20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.20 xulrunner17<17.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html xulrunner<23 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html cacti<0.8.8b sql-injection http://secunia.com/advisories/54386/ filezilla<3.7.2 multiple-vulnerabilities http://secunia.com/advisories/54415/ libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388 chrony<1.29 multiple-vulnerabilities http://secunia.com/advisories/54385/ polarssl<1.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4623 dovecot>=2<2.2.5 denial-of-service http://secunia.com/advisories/54438/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/54400/ python26<2.6.8nb4 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python27<2.7.5nb1 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python32-[0-9]* ssl-certificate-spoofing http://secunia.com/advisories/54393/ python33<3.3.3 ssl-certificate-spoofing http://secunia.com/advisories/54393/ php>=5.3<5.3.27nb2 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.4<5.4.17nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.5<5.5.1nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ ruby193-puppet<3.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761 phpmyadmin<4.0.5 clickjacking-attack http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php py{26,27,32,33}-django>=1.5<1.5.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 py{26,27,32,33}-django<1.4.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel42<4.2.5 denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html ffmpeg1<1.2.12 denial-of-service http://secunia.com/advisories/54389/ ffmpeg010<20150312.0.10.16 denial-of-service http://secunia.com/advisories/54389/ ffmpeg2<2.1 denial-of-service http://secunia.com/advisories/54389/ py{26,27,32,33}-graphite-web<0.9.11 remote-system-access http://secunia.com/advisories/54556/ ffmpeg2<2.0.1 denial-of-service http://secunia.com/advisories/54541/ ruby1{8,9,93}-puppet<3.2.4 multiple-vulnerabilities http://secunia.com/advisories/54623/ cacti<0.8.8b multiple-vulnerabilities http://secunia.com/advisories/54531/ asterisk>=1.8.17<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=1.8<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=10.0<10.12.3 information-disclosure http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html roundcube<0.9.3 cross-site-scripting http://secunia.com/advisories/54536/ tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 tiff<4.0.3nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243 ImageMagick<6.7.8.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298 mediawiki<1.21.2 multiple-vulnerabilities http://secunia.com/advisories/54715/ mediawiki<1.21.2 remote-security-bypass http://secunia.com/advisories/54723/ ansible<1.2.3 symlink-attack http://secunia.com/advisories/54686/ typo3>=6.0<6.0.9 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ typo3>=6.1<6.1.4 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ py{26,27,32,33}-OpenSSL<0.13.1 information-disclosure http://secunia.com/advisories/54691/ moodle<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/54693/ wireshark<1.10.2 multiple-vulnerabilities http://secunia.com/advisories/54765/ adobe-flash-plugin<11.2.202.310 system-compromise http://www.adobe.com/support/security/bulletins/apsb13-21.html wordpress<3.6.1 multiple-vulnerabilities http://secunia.com/advisories/54803/ py{26,27,32,33}-django>=1.5<1.5.3 sensitive-information-disclosure http://secunia.com/advisories/54772/ py{26,27,32,33}-django<1.4.7 sensitive-information-disclosure http://secunia.com/advisories/54772/ xentools41<4.1.6.1 denial-of-service http://secunia.com/advisories/54593/ xentools42<4.2.3 denial-of-service http://secunia.com/advisories/54593/ py{26,27,32,33}-django>=1.5<1.5.4 denial-of-service http://secunia.com/advisories/54815/ py{26,27,32,33}-django<1.4.8 denial-of-service http://secunia.com/advisories/54815/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54857/ firefox<24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox24 firefox17<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9 thunderbird<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.9 seamonkey<2.21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.21 xulrunner17<17.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html xulrunner<24 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html mplayer<1.1.1 remote-data-manipulation http://secunia.com/advisories/54871/ hplip<3.13.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 polkit<0.112 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288 ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54921/ libvirt-0.[0-9]* denial-of-service http://secunia.com/advisories/54804/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54972/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54967/ ruby1{8,9,93}-rubygems<2.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby193-base<1.9.3p448nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby200-base<2.0.0p247nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55122/ vino<3.9.92 denial-of-service http://secunia.com/advisories/54995/ xenkernel41<4.1.6.1nb1 information-leak http://secunia.com/advisories/54838/ xenkernel42<4.2.4 information-leak http://secunia.com/advisories/54838/ xenkernel33-[0-9]* information-leak http://secunia.com/advisories/54838/ librsvg<2.36.4nb6 information-disclosure http://secunia.com/advisories/55088/ gnupg<1.4.15 denial-of-service http://secunia.com/advisories/55071/ gnupg2<2.0.22 denial-of-service http://secunia.com/advisories/55071/ dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-4421 dropbear<2013.59 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2013-4434 nss<3.15.2 uninitialized-memory-read http://secunia.com/advisories/55050/ libtar-[0-9]* data-manipulation http://secunia.com/advisories/55138/ libvirt-1.[0-9]* denial-of-service http://secunia.com/advisories/55202/ libtar<1.2.20 arbitrary-code-execution http://secunia.com/advisories/55188/ ap{2,22}-fcgid<2.3.9 buffer-overflow http://secunia.com/advisories/55197/ vino<3.9.92 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745 libvirt-1.[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54786/ isync<1.0.6 man-in-the-middle-attack http://secunia.com/advisories/55190/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55229/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55239/ modular-xorg-server<1.12.4nb3 system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396 polarssl<1.2.9 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5915 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55293/ py{26,27,32,33}-scipy<0.12.1 privilege-escalation http://secunia.com/advisories/55256/ opera<12.16 unknown-impact http://www.opera.com/docs/changelogs/unified/1216/ sun-{jdk,jre}6<6.0.65 multiple-vulnerabilities http://secunia.com/advisories/55315/ sun-{jdk,jre}7<7.0.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ openjdk7{,-bin}<1.7.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ icu<51.2nb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924 ruby1{8,9,93}-actionmailer<3.2.15 denial-of-service http://secunia.com/advisories/55240/ openldap-server<2.4.39nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449 mysql-server>=5.1<5.1.71 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.5<5.5.33 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.6<5.6.13 multiple-vulnerabilities http://secunia.com/advisories/55327/ nodejs<0.10.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55234/ roundcube<0.9.5 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6172 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55460/ mantis<1.2.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4460 firefox<25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox25 firefox24<24.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.10 seamonkey<2.22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.22 xulrunner17<17.0.10 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html xulrunner<25 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html poppler-utils<0.24.3 format-string http://secunia.com/advisories/55258/ php{53,54,55}-tiki6<6.13 multiple-vulnerabilities http://secunia.com/advisories/55403/ varnish<3.0.5 denial-of-service http://secunia.com/advisories/55452/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55504/ wireshark<1.10.3 multiple-vulnerabilities http://secunia.com/advisories/55492/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55200/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/55200/ python26-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh>=6.2<6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 samba<3.6.20 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 sensitive-information-exposure http://www.samba.org/samba/security/CVE-2013-4476 xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55398/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55398/ blender<2.71 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5105 freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 adobe-flash-plugin<11.2.202.327 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-26.html libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 lighttpd<1.4.34 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559 salt<0.17.1 multiple-vulnerabilities http://secunia.com/advisories/55625/ mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418 mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800 mediawiki<1.21.3 multiple-vulnerabilities http://secunia.com/advisories/55743/ nss<3.15.3 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741 nss<3.14.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605 nss<3.15.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606 drupal<6.29 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 drupal>=7.0<7.24 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 python26<2.6.9 multiple-vulnerabilities http://www.python.org/getit/releases/2.6.9/ nginx>=0.8.41<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 nginx>=1.5<1.5.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 ruby193-base<1.9.3p484 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ ruby200-base<2.0.0p353 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ dovecot>=2<2.2.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171 unrealircd<3.2.10.2 multiple-vulnerabilities http://secunia.com/advisories/55839/ moodle<2.5.3 multiple-vulnerabilities http://secunia.com/advisories/55835/ thunderbird<24.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.1.1 jetty<7.6.14 remote-security-bypass http://secunia.com/advisories/55861/ subversion{,-base}<1.8.5 remote-security-bypass http://secunia.com/advisories/55855/ php{53,54,55}-owncloud<5.0.13 remote-security-bypass http://secunia.com/advisories/55792/ xenkernel42<4.2.4 privilege-escalation http://secunia.com/advisories/55650/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/55802/ openttd<1.3.3 denial-of-service http://secunia.com/advisories/55589/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/55854/ links{,-gui}<2.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050 gimp<2.8.10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978 pixman<0.32.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425 ruby{193,200}-i18n<0.6.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492 libmicrohttpd<0.9.32 multiple-vulnerabilities http://secunia.com/advisories/55903/ ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg010<20140629.0.10.14 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg2<2.2 multiple-vulnerabilities http://secunia.com/advisories/55946/ openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg<1.5.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg<1.5.2 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887 xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 xenkernel41<4.1.6.1nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 typo3<4.5.32 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=4.7<4.7.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.0<6.0.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.1<6.1.7 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ gimp<2.8.10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913 libwebp<0.2.1 remote-system-access http://secunia.com/advisories/55951/ xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 thunderbird<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 seamonkey<2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.23 xulrunner17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner17-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner24<24.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner<26 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html modular-xorg-server<1.12.4nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424 adobe-flash-plugin<11.2.202.332 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-28.html samba>=3.4.0<3.6.22 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 samba>=4<4.1.3 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 net-snmp<5.7.2nb5 denial-of-service http://secunia.com/advisories/55804/ ruby{193,200}-rails<3.2.16 multiple-vulnerabilities http://secunia.com/advisories/55864/ php>=5.3<5.3.28 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.4<5.4.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.5<5.5.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 asterisk>=1.8<1.8.24.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=10.0<10.12.4 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=11.0<11.6.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=1.8<1.8.24.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10.0<10.12.4 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=11.0<11.6.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10<11 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo-[0-9]* cross-site-scripting http://secunia.com/advisories/56099/ wireshark<1.10.4 denial-of-service http://secunia.com/advisories/56097/ qt4-libs<4.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549 gnumeric<1.12.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836 firefox<26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox26 firefox24<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.2 gnupg<1.4.16 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576 py{33,32,27,26}-denyhosts<2.6nb4 denial-of-service http://seclists.org/oss-sec/2013/q4/535 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56245/ ruby{193,200}-will-paginate<3.0.5 cross-site-scripting http://secunia.com/advisories/56180/ ruby{193,200}-nokogiri<1.5.11 denial-of-service http://secunia.com/advisories/56179/ ruby{19,193,200}-puppet<3.4.1 insecure-temp-file http://secunia.com/advisories/56253/ icinga-base<1.8.5 multiple-vulnerabilities https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/ memcached<1.4.17 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239 poppler<0.24.5 denial-of-service http://secunia.com/advisories/56268/ openssl<1.0.1f denial-of-service http://secunia.com/advisories/56286/ graphviz<2.34.0nb4 buffer-overflow http://secunia.com/advisories/55666/ mapserver<6.4.1 arbitrary-sql-injection http://secunia.com/advisories/56155/ nagios-base-<3.5.0nb2 denial-of-service http://secunia.com/advisories/55976/ p5-Proc-Daemon<0.14nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7135 libXfont>=1.1<1.4.6nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 kwallet<4.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252 freerdp-[0-9]* unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791 ntp<4.2.7p26 traffic-amplification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 flite<2.1 local-symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56186/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56352/ py{33,32,27,26}-jinja2<2.7.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1402 bind<9.6.3.1.ESV.10pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.7<9.8.6pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.9<9.9.4pl2 denial-of-service https://kb.isc.org/article/AA-01078 suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6449.html suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6450.html nss<3.15.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 libxslt<1.1.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520 sun-{jdk,jre}7<7.0.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ openjdk7{,-bin}<1.7.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56321/ suse{,32}_x11<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2013-6462.html ejabberd<2.1.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56414/ drupal<6.30 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 drupal>=7.0<7.26 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56525/ moodle<2.5.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0009 moodle<2.5.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0010 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6451 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6452 mediawiki<1.21.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2013-6453 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6454 mediawiki<1.21.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-6472 mysql-server>=5.1<5.1.73 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.5<5.5.35 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.6<5.6.15 multiple-vulnerabilities http://secunia.com/advisories/56491/ jenkins-[0-9]* script-insertion http://secunia.com/advisories/56152/ hplip<3.14.1 multiple-vulnerabilities http://secunia.com/advisories/53644/ mupdf<1.3nb2 buffer-overflow http://secunia.com/advisories/56538/ xenkernel42<4.2.4 memory-corruption http://lists.xen.org/archives/html/xen-announce/2014-01/msg00001.html xenkernel41<4.1.6.1nb6 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html xenkernel42<4.2.4 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html contao211<2.11.14 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao31-[0-9]* php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao32<3.2.5 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 libyaml<0.1.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 p5-YAML-LibYAML<0.41nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 firefox17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox24<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.3 firefox<27 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox27 thunderbird<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.3 seamonkey<2.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.24 xulrunner24<24.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html xulrunner<27 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html libpurple<2.10.8 multiple-vulnerabilities http://secunia.com/advisories/56693/ VLC<2.1.2 remote-system-access http://secunia.com/advisories/56676/ adobe-flash-plugin<11.2.202.335 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-02.html adobe-flash-plugin<11.2.202.336 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-04.html curl>=7.10.6<7.35.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 mpg123>1.14<1.18.0 remote-system-access http://secunia.com/advisories/56729/ apache-tomcat>=6<6.0.39 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 mysql-client<5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.5<5.5.37 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.6<5.6.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mediawiki<1.21.5 multiple-vulnerabilities http://secunia.com/advisories/56695/ ruby{19,193,200}-puppet<3.1.2 denial-of-service http://secunia.com/advisories/56670/ py{33,32,27,26}-denyhosts<2.6nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890 python27<2.7.6nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python32-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python33<3.3.3nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1691 apache-tomcat>=7<7.0.51 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 ap{2,22,24}-subversion<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 python32-[0-9]* denial-of-service http://secunia.com/advisories/56627/ python33<3.3.4 denial-of-service http://secunia.com/advisories/56627/ py{33,32,27,26}-logilab-common-[0-9]* insecure-temp-file http://secunia.com/advisories/56720/ xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 multiple-vulnerabilities http://xenbits.xenproject.org/xsa/advisory-85.html mantis<1.2.16 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-001.html contao211<2.11.14 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao32>=3<3.2.5 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao210-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao29-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao30-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2030 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56838/ ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56847/ gnutls<3.2.11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 php55-gd<5.5.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7226 ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56971/ icinga-base<1.9.5 buffer-overflow https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6/ maradns<2.0.09 denial-of-service http://secunia.com/advisories/57033/ png<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954 flite<1.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 socat<1.7.2.3 buffer-overflow http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt file<5.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 file<5.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56987/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/57066/ freeradius<2 denial-of-service http://secunia.com/advisories/56956/ freeradius>=2<2.2.0nb8 denial-of-service http://secunia.com/advisories/56956/ ruby{193,200}-actionpack<3.2.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081 ruby{193,200}-actionpack<3.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082 adobe-flash-plugin<11.2.202.341 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-07.html phpmyadmin<4.0.10nb1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php phpmyadmin>=4.1<4.1.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php postgresql84-server<8.4.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql90-server<9.0.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql91-server<9.1.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql92-server<9.2.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql93-server<9.3.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ libvirt>=1.0.1<1.2.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=6<6.0.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 apache-tomcat>=6.0.33<6.0.39 session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033 apache-tomcat>=7<7.0.40 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071 apache-tomcat>=7<7.0.47 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=7<7.0.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=7<7.0.50 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 gnutls<3.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 libssh<0.63 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017 typo3-[0-9]* cross-site-scripting http://secunia.com/advisories/57094/ sudo<1.7.10p8 local-security-bypass http://www.sudo.ws/sudo/alerts/env_add.html stunnel<5 multiple-vulnerabilities http://secunia.com/advisories/57118/ net-snmp<5.7.2.1 denial-of-service http://secunia.com/advisories/57124/ icedtea-web<1.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493 png<1.6.10rc01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333 p5-Capture-Tiny<0.24 insecure-temp-file http://secunia.com/advisories/56823/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/57282/ ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/57298/ ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 wireshark<1.10.6 multiple-vulnerabilities http://secunia.com/advisories/57265/ freetype2>=2.4.12<2.5.4 arbitrary-code-execution http://secunia.com/advisories/57291/ asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-003.html asterisk>=12.0<12.1.0 denial-of-service http://downloads.digium.com/pub/security/AST-2014-004.html php{53,54,55}-orangehrm<3.1.2 cross-site-scripting http://secunia.com/advisories/57206/ mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2242 mediawiki<1.22.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2243 mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2244 squid<3.4.4 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2014_1.txt adobe-flash-plugin<11.2.202.346 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-08.html mutt>=1.5<1.5.23 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 lighttpd<1.4.35 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323 lighttpd<1.4.35 path-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324 php{53,54,55}-owncloud<6.0.2 multiple-vulnerabilities http://secunia.com/advisories/57283/ php55-gd<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7327 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 samba-3.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.4<3.6.23 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 imapsync<=1.564 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4279 imapsync<1.584 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2014 gnutls<2.7.6 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138 oath-toolkit<2.4.1 unauthorized-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7322 suse{,32}_openssl<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-4353.html suse{,32}_x11<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-6425.html suse{,32}_libpng<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6954.html suse{,32}_qt4<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-4549.html suse{,32}_libpng>=13.1<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-0333.html php53-gd<5.3.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php54-gd<5.4.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php55-gd<5.5.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 moodle<2.5.5 multiple-vulnerabilities http://secunia.com/advisories/57331/ mutt-kz<1.5.22.1rc1nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 firefox<28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox28 firefox24<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.4 thunderbird<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.4 seamonkey<2.25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.25 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 xulrunner24<24.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html xulrunner<28 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html jansson<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6401 ruby{193,200,21}-rack-ssl<1.3.3nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2538 nss<3.16 multiple-vulnerabilities http://secunia.com/advisories/57465/ openssl>=1.0.1<1.0.1fnb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssh<6.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti<0.8.8c cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7106 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108 php>=5.4<5.4.26nb2 denial-of-service http://secunia.com/advisories/57564/ php>=5.5<5.5.10nb2 denial-of-service http://secunia.com/advisories/57564/ claws-mail-vcalendar<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ claws-mail-rssyl<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ libyaml<0.1.5nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 p5-YAML-LibYAML<0.41nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 curl<7.36.0 multiple-vulnerabilities http://secunia.com/advisories/57434/ couchdb<1.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2668 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7009 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7010 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7014 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7015 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7018 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7023 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099 ffmpeg010<20140310.0.10.12 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 {ap22,ap24}-modsecurity<2.7.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705 a2ps<4.14nb6 multiple-vulnerabilities http://secunia.com/advisories/57663/ sylpheed<3.3.1 buffer-overflow http://secunia.com/advisories/57584/ suse{,32}_openssl<13.1nb3 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0076.html PAM-[0-9]* security-bypass http://secunia.com/advisories/57317/ icinga-base<1.9.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 prosody<0.9.4 denial-of-service http://blog.prosody.im/prosody-0-9-4-released/ lua-expat<1.3.0 denial-of-service http://matthewwild.co.uk/projects/luaexpat/index.html#history openssl>=1.0.1<1.0.1g sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 suse{,32}_openssl>=12.3<13.1nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0160.html cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 adobe-flash-plugin<11.2.202.350 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-09.html jbigkit<2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369 wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ php{53,54,55}-ja-wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ wireshark<1.10.4 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2014-05.html py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{27,26}-imaging<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 py{27,26}-imaging-<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 suse{,32}_libcurl<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2014-0138.html suse{,32}_libcurl<13.1nb3 ssl-certificate-spoofing http://support.novell.com/security/cve/CVE-2014-0139.html dillo<3.0.4 arbitrary-code-execution http://secunia.com/advisories/57797/ openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4289 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4290 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6087 cups<1.5.4nb11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856 openafs<1.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openafs>=1.7<1.7.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openssh<6.6.1nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 file<5.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 nagios-base<3.5.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 qemu>=1.4.0<1.7.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377 libmms<0.6.4 buffer-overflow http://secunia.com/advisories/57875/ sun-{jdk,jre}7<7.0.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA openjdk7{,-bin}<1.7.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA mysql-server>5.5<5.5.37 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL mysql-server>5.6<5.6.17 arbitrary-code-execution http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL qemu<2.0 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 qemu<2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371 rsync<3.1.0nb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855 suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6370.html suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6371.html wireshark<1.10.7 denial-of-service http://secunia.com/advisories/58217/ bugzilla>=4.5<4.5.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.4<4.4.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.2<4.2.8 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.0<4.0.12 spoofing-attack http://secunia.com/advisories/58059/ drupal>=6<6.31 sensitive-information-disclosure http://secunia.com/advisories/58132 drupal>=7<7.27 sensitive-information-disclosure http://secunia.com/advisories/58132 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182 gnustep-base<1.24.0nb11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2980 poco<1.4.6p4 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0350 mediawiki<1.22.6 script-insertion-vulnerability http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-April/000149.html adobe-flash-plugin<11.2.202.356 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-13.html firefox<29 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox29 firefox24<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.5 thunderbird<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.5 seamonkey<2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26 xulrunner24<24.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html xulrunner<29 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html synergy<1.4.14 sensitive-information-disclosure http://synergy-foss.org/blog/synergy-1-4-14/ py{33,32,27,26}-lxml<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146 knot<1.4.5 signature-spoofing https://www.knot-dns.cz/ suse{,32}_openssl<13.1nb6 denial-of-service http://support.novell.com/security/cve/CVE-2010-5298.html suse{,32}_mozilla-nss<13.1nb2 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-1492.html openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 python32-[0-9]* insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python33<3.3.5nb2 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python34<3.4.0nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python32-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7354.html suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7353.html python33<3.3.4rc1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7338 python26-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python27<2.7.6nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python32-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python33<3.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python34<3.4rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 sks<1.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3207 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 libxml2<2.9.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191 suse{,32}_libxml2<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15<5.0.51 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15>=5.0.55<5.0.56 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jre,jdk}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openssl>=1.0.0<1.0.0l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 openssl>=1.0.1<1.0.1f man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 p5-LWP-Protocol-https>=6.04<6.04nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 p5-LWP-Protocol-https>=6.06<6.06nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 jpeg>=6b<6c sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 openjdk7{,-bin}>=1.7.51<1.7.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}7>=7.0.51<7.0.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}8>=8.0.0<8.0.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 fish>=1.16.0<2.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2905 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2906 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2914 fish<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-3856 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 libvirt>=0.7.5<1.2.5 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179 rxvt-unicode<9.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121 mediawiki<1.19.14 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.20<1.21 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.21<1.21.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.22<1.22.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 ruby{193,200,21}-actionpack>=3.2<3.2.18 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130 bind>=9.10<9.10.0pl1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 libvirt<1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336 png<1.5.14beta08 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353 png<1.5.14rc03 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354 py{34,33,32,27,26}-jinja2<2.7.2nb1 temporary-files-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0012 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 adobe-flash-plugin<11.2.202.359 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-14.html suse{,32}_openssl<13.1nb7 denial-of-service http://support.novell.com/security/cve/CVE-2014-0198.html qt4-libs<4.8.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 qt5-qtbase<5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211 ldns<1.6.16nb4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 php53-fpm-[0-9]* local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php54-fpm<5.4.28 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php55-fpm<5.5.12 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 nagios-base-<3.5.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.9.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 dovecot<1.2.17nb15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 dovecot>=2<2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 py{34,33,32,27,26}-django>=1.5<1.6.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django<1.4.13 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django>=1.5<1.6.5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 py{34,33,32,27,26}-django<1.4.13 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 php{53,54,55}-owncloud<6.0.3 unknown-impact http://secunia.com/advisories/58586/ moodle<2.5.6 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.5.6_release_notes suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0209.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0210.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0211.html typo3<4.5.34 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=4.7<4.7.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.0<6.0.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.1<6.1.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ chicken<4.8.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4385 chicken<4.8.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776 apache-tomcat>=6.0<6.0.41 multiple-vulnerabilities http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.41 apache-tomcat>=7.0<7.0.53 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=6.0<6.0.39 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39 apache-tomcat>=7.0<7.0.53 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=7.0<7.0.54 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.54 gnutls<3.2.15 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 webmin<1.690 cross-site-scripting http://freecode.com/projects/webmin/releases/363920 suse{,32}_openssl<13.1nb8 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0195.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-0221.html suse{,32}_openssl<13.1nb8 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-0224.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-3470.html openssl<0.9.8za man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1<1.0.0m man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1.0.1<1.0.1h man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl<0.9.8za arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1<1.0.0m arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1.0.1<1.0.1h arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl<0.9.8za sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssl>=1<1.0.0m sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929 python27<2.7.7nb1 denial-of-service http://seclists.org/oss-sec/2013/q4/558 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 mediawiki<1.22.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 libtasn1<3.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 openpam<20140912 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3879 chkrootkit<0.50 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476 bottle<0.12.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3137 mupdf<1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013 sendmail<8.14.9 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865 firefox<30 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox30 firefox24<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6 thunderbird<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6 xulrunner24<24.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html xulrunner<30 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 nspr<4.10.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-55.html emacs24{,-nox11}<24.5 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423 icinga-base<1.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.10.3 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 tor<0.2.4.20 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 py{34,33,32,27,26}-django>=1.5<1.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{33,32,27,26}-django<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{34,33,32,27,26}-django>=1.5<1.6.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-16.html php{53,54,55}-soycms<=1.4.0c cross-site-scripting http://jvn.jp/en/jp/JVN54650130/index.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-005.html asterisk>=11.0<11.10.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=12.0<12.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=1.8<1.8.28.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=11.0<11.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-008.html libarchive>=2.9<3.1.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779 bind>=9.10<9.10.0pl2 denial-of-service https://kb.isc.org/article/AA-01166/0/CVE-2014-3859%3A-BIND-named-can-crash-due-to-a-defect-in-EDNS-printing-processing.html ruby18-puppet<3.6.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-hiera<1.3.4 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-mcollective<2.5.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 wireshark>=1.10.0<1.10.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2014-07.html ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240 ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242 suse{,32}_base<13.1nb10 denial-of-service http://support.novell.com/security/cve/CVE-2014-4043.html xalan-j>=2.7.0<2.7.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107 gnutls>=3.0<3.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 gnutls>=3.2<3.2.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 lighttpd<1.4.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560 lighttpd>=1.4.24<1.4.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508 suse{,32}_mozilla-nspr<13.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1545.html mysql-client-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel41<4.1.6.1nb1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel42<4.2.5 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html suse{,32}_libdbus<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-3477.html memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528 seamonkey<2.26.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26.1 iodine<0.7.0 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4168 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 p5-Email-Address<1.905 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477 php>=5.4<5.4.30 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 php>=5.5<5.5.14 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 nagios-plugins<2.0.2 sensitive-information-disclosure http://seclists.org/fulldisclosure/2014/May/74 openafs>=1.6.8<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044 gnupg2<2.0.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 gnupg<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 php-5.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo<2.6.3 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4649 kdelibs4<4.13.3 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494 php>=5.4<5.4.30 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.4.30 php>=5.5<5.5.14 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.5.14 php{53,54,55}-owncloud<6.0.4 unknown-impact http://secunia.com/advisories/59543/ python27<2.7.7nb2 directory-traversal http://bugs.python.org/issue21766 python32-[0-9]* directory-traversal http://bugs.python.org/issue21766 python33<3.3.5nb4 directory-traversal http://bugs.python.org/issue21766 python34<3.4.1nb1 directory-traversal http://bugs.python.org/issue21766 lzo<2.0.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 pulseaudio<5.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970 cacti<0.8.8c multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533 libreoffice4>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 libreoffice4-bin>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-17.html suse{,32}_base<13.1nb5 directory-traversal http://support.novell.com/security/cve/CVE-2014-0475.html openttd>=0.3.6<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411 vlc<2.0.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868 vlc<2.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954 dbus>1.6.20<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 dbus<1.6.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 ffmpeg<20140623.1.2.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg2<2.2.4 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php phpmyadmin>=4.1<4.1.14.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php samba>=3.6.6<3.6.24 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 samba>=4.1<4.1.8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 ruby{193,200,21}-activerecord>=3.2<3.2.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482 transmission<2.84 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909 polarssl<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4911 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 ruby1{8,9,93}-rubygems<1.8.23 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2125 ruby1{8,9,93}-rubygems<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby200-base<2.0.0p247nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby193-base<1.9.3p448nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 mit-krb5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 mit-krb5>=1.7<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 mit-krb5>=1.10<1.10.7nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343 mit-krb5>=1.5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4678 drupal>=6<6.32 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 drupal>=7<7.29 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4228 mysql-server>=5.6<5.6.19 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php php>=5.5<5.5.14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php>=5.4<5.4.30 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php<5.3.29 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3532.html suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3533.html apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523 apache>=2.4.6<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 softhsm<1.3.7nb2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 xpdf<3.04 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES ansible<1.6.9 input-validation http://www.ocert.org/advisories/ocert-2014-004.html phpmyadmin<4.2.6 multiple-vulnerabilities http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php firefox<31 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox31 firefox24<24.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7 nss<3.16.2 memory-corruption https://www.mozilla.org/security/announce/2014/mfsa2014-63.html cups<1.7.4 symlink-attack http://www.cups.org/str.php?L4450 exim<4.83 input-validation https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html tor<0.2.4.23 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 tor>=0.2.5<0.2.5.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 mysql-server>=5.6<5.6.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mysql-server>=5.5<5.5.39 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mediawiki<1.22.9 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.22#MediaWiki_1.22.9 suse{,32}_mozilla-nss<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1544.html wireshark<1.10.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html#_bug_fixes kdelibs4<4.14 privilege-escalation http://www.kde.org/info/security/advisory-20140730-1.txt samba>=4<4.1.11 buffer-overflow http://www.samba.org/samba/security/CVE-2014-3560 gpgme<1.4.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564 file<5.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 nginx>=1.5.6<1.6 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.6<1.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.7<1.7.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 php>=5.4<5.4.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php>=5.5<5.5.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php{53,54,55}-owncloud<5.0.17 unspecified http://owncloud.org/changelog/ phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php phpmyadmin>=4.2<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.1<4.1.14.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.0<4.0.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php liblive<20131129 buffer-overflow http://live555.com/liveMedia/public/changelog.txt nss<3.15.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491 nss<3.16 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 gcc{,34,44,45,46,47}-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc3-c++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc48-cc++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc{,34,44,45,46,47}-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc3-c++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc48-cc++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 ruby{18,193,200,21}-puppet<3.3.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=3.4<3.4.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=2.8.4<3.1.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby18-base>=1.8.7<1.8.7.331 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481 curl>=7.27.0<7.35.1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522 openssl>=0.9.8<0.9.8zb multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.0<1.0.0n multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.1<1.0.1i multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt suse{,32}_openssl<13.1nb9 multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 readline>=6.2<6.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524 openssl>=0.9.8<0.9.8y sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.0<1.0.0k sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.1<1.0.1d sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 durupal>=6<6.33 denial-of-service https://www.drupal.org/SA-CORE-2014-004 durupal>=7<7.31 denial-of-service https://www.drupal.org/SA-CORE-2014-004 wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 py{34,33,27,26}-ipython<1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429 serf<1.3.7 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504 subversion-base>=1.8<1.8.10 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522 adobe-flash-plugin<11.2.202.400 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-18.html suse{,32}_libtiff<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-6369.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4341.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4342.html suse{,32}_krb5<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-4343.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4344.html poppler<0.13.3 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110 php-5.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages subversion-base>=1.8<1.8.10 spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 qemu>=1.6<2.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263 py{34,33,27,26}-Pillow<2.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5261 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5262 py{26,27}-moin<1.9.7 script-insertion-vulnerability http://moinmo.in/SecurityFixes mit-krb5>=1.6<1.10.7nb3 buffer-overflow http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2014-001.txt py{27,26}-imaging<1.1.7nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 py{33,32,27,26}-django<1.4.14 multiple-vulnerabilities https://docs.djangoproject.com/en/1.4/releases/1.4.14/ py{33,32,27,26}-django>=1.5<1.6.6 multiple-vulnerabilities https://docs.djangoproject.com/en/1.6/releases/1.6.6/ phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php salt<2014.1.10 data-manipulation http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html squid<3.4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609 bozohttpd<20140708 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5015 procmail<3.22nb4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618 firefox<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox31.1 thunderbird<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird31.1 firefox>31.1<32 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox32 firefox24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.8 thunderbird24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.8 ImageMagick<6.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.9 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 ImageMagick<6.8.8 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php>=5.5<5.5.16 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php54-gd>=5.4<5.4.32 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 php55-gd>=5.5<5.5.16 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 net-snmp>=5.7<5.7.2.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.6<=5.6.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.5<=5.5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.4<=5.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 lua51<5.1.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 lua52>=5.2<5.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 nodejs<0.10.30 denial-of-service http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/ thunderbird24<24.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 thunderbird<31.5.0nb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 seamonkey<2.32.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 libreoffice4<4.3.1 multiple-vulnerabilities http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ dhcpcd<6.4.3 denial-of-service http://advisories.mageia.org/MGASA-2014-0334.html bugzilla<4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1546 libvncserver<0.9.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 file<=5.19 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-3537.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5029.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5030.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5031.html ruby193-base<1.9.3p547nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby200-base<2.0.0p481nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby21-base<2.1.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 libgcrypt<1.5.4 side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270 pppd<2.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 adobe-flash-plugin<11.2.202.406 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-21.html curl<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910A.html curl>7.31.0<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910B.html apache-tomcat>7<7.0.40 script-insertion-vulnerability http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40 suse{,32}_base<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-5119.html suse{,32}_base<13.1nb5 denial-of-service http://support.novell.com/security/cve/CVE-2014-6040.html haproxy<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6269 squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_3.txt squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_4.txt fengoffice<2.7.0 cross-site-scripting http://sourceforge.net/projects/opengoo/files/fengoffice/fengoffice_2.7.0/ wireshark<1.10 denial-of-service https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-009.html asterisk>=11.0<11.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html dbus<1.8.8 arbitrary-code-execution https://bugs.freedesktop.org/show_bug.cgi?id=83622 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=82820 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80559 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=81053 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80919 nodejs<0.10.31 unspecified http://blog.nodejs.org/2014/08/19/node-v0-10-31-stable/ nginx>=1.7<1.7.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 nginx<1.6.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 phpmyadmin<4.2.8.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php moodle<2.7.2 security-bypass https://moodle.org/mod/forum/discuss.php?d=269590 qemu<2.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3615 bash>=4.3<4.3.025 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=4.3<4.3.025nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel41<4.1.6.1nb11 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel42<4.2.5 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel3-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html nss>=3.16.2<3.16.2.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.16.3<3.16.5 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.17<3.17.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html mediawiki<1.23.4 filtering-bypass https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.4 libvncserver-[0-9]* multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html perl<5.20.0nb2 stack-overflow https://www.lsexperts.de/advisories/lse-2014-06-10.txt wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 php{53,54,55}-ja-wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 c-icap<2.6 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-201409-07.xml bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 libvirt>=0.7.5<1.2.5 denial-of-service http://security.libvirt.org/2014/0003.html libvirt<1.2.9 sensitive-information-disclosure http://security.libvirt.org/2014/0004.html mediawiki<1.23.5 cross-site-scripting https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.5 phpmyadmin<4.2.9.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php elasticsearch<1.4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6439 xenkernel41<4.1.6.1nb12 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html xenkernel42<4.2.5nb1 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 qemu<2.1.2 denial-of-service https://lists.gnu.org/archive/html/qemu-stable/2014-09/msg00231.html apache>=2.4<2.4.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3581 exctags<5.8nb1 denial-of-service http://seclists.org/oss-sec/2014/q3/842 php>=5.5<5.5.18 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php55-exif<5.5.18 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php55-xmlrpc<5.5.18 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.4<5.4.34 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php54-exif<5.4.34 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php54-xmlrpc<5.4.34 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.3<5.3.29nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php53-exif<5.3.29nb1 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php53-xmlrpc<5.3.29nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 bugzilla<4.5.6 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.14/ bash>=4.3<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=3.0<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657 kdelibs4<4.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033 jenkins<1.565.3 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 rsyslog<8.4.2 denial-of-service http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ python26-[0-9]* integer-overflow http://bugs.python.org/issue22518 python33<3.3.6 integer-overflow http://bugs.python.org/issue22518 python27<2.7.8nb1 integer-overflow http://bugs.python.org/issue22518 python34<3.4.3 integer-overflow http://bugs.python.org/issue22520 python33<3.3.6 integer-overflow http://bugs.python.org/issue22520 adobe-flash-plugin<11.2.202.411 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-22.html mysql-server>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-client>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL sun-{jdk,jre}7<7.0.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA openjdk7<1.7.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA durupal>=7<7.32 sql-injection https://www.drupal.org/SA-CORE-2014-005 openssl>=0.9.8<0.9.8zc multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.0<1.0.0o multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.1<1.0.1j multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt wpa_supplicant<2.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 getmail<4.46.0 spoofing http://pyropus.ca/software/getmail/CHANGELOG libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html python27<2.7.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185 suse{,32}_base<13.1nb6 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710 libpurple<2.10.10 ssl-certificate-spoofing http://pidgin.im/news/security/?id=86 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=87 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=88 libpurple<2.10.10 sensitive-information-disclosure http://pidgin.im/news/security/?id=90 phpmyadmin<4.2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php claws-mail<3.10.0 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576 ejabberd<14.07nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760 wget<1.16 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877 ruby193-base<1.9.3p550 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby200-base<2.0.0p594 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby21-base<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 tnftp<20141031 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517 wireshark<1.10.11 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714 thunderbird<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird/#thunderbird31.2 firefox>31<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox-esr/#firefoxesr31.2 libreoffice4>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ suse{,32}_openssl<13.1nb10 multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689 qemu<2.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 konversation>=1.5<1.5.1 denial-of-service http://openwall.com/lists/oss-security/2014/10/26/1 ffmpeg1<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/60739/ ffmpeg2<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/60739/ curl>=7.17.1<7.39.0 sensitive-information-disclosure http://curl.haxx.se/docs/adv_20141105.html ap{22,24}-auth-mellon<0.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566 ap{22,24}-auth-mellon<0.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567 libvirt<1.2.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131 adobe-flash-plugin<11.2.202.418 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-24.html gnutls>=3.3<3.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.2<3.2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.1<3.1.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 php{53,54,55}-owncloud<5.0.18 unspecified http://owncloud.org/releases/Changelog php{53,54,55}-owncloud>=6.0<6.0.6 unspecified http://owncloud.org/releases/Changelog krfb<4.14.3 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html ImageMagick<6.8.9.9 multiple-vulnerabilities http://secunia.com/advisories/61943/ GraphicsMagick<1.3.21 heap-overflow http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7202 zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7203 tcpdump>=3.8<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8769 tcpdump>=3.5.0<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8768 tcpdump>=3.9.6<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8767 xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle-2.7 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle-2.7.2 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.5<2.5.9 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.6<2.6.6 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.7<2.7.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 clamav<0.98.5 denial-of-service https://bugzilla.clamav.net/show_bug.cgi?id=11088 drupal>=6<6.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 drupal>=7<7.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 asterisk>=1.8<1.8.32.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-017.html asterisk>=1.8<1.8.32.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ php{53,54,55}-ja-wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ dbus<1.8.10 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 suse{,32}_libdbus-[0-9]* denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 mit-krb5<1.10.7nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351 ruby193-base<1.9.3p551 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby200-base<2.0.0p598 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby21-base<2.1.5 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php phpmyadmin<4.2.12 local-file-reading http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php ImageMagick<6.8.9.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716 flac<1.3.1 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-008.html qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 adobe-flash-plugin<11.2.202.424 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-26.html phpmyadmin<4.2.12 input-validation http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php pcre<8.36nb1 denial-of-service http://bugs.exim.org/show_bug.cgi?id=1546 gcpio-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112 libksba<1.3.2 heap-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html clamav<0.98.5 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050 mediawiki<1.23.7 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7 icecast<2.4.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018 mantis<1.2.18 arbitrary-code-execution http://seclists.org/oss-sec/2014/q4/576 mantis<1.2.18 cross-site-scripting http://seclists.org/oss-sec/2014/q4/617 mantis<1.2.18 multiple-vulnerabilities http://seclists.org/oss-sec/2014/q4/577 mantis<1.2.18 sensitive-information-disclosure http://seclists.org/oss-sec/2014/q4/623 mantis<1.2.18 sql-injection http://seclists.org/oss-sec/2014/q4/795 p5-Plack<1.0031 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5269 python{26,33}-[0-9]* arbitrary-code-execution http://bugs.python.org/issue22885 python27<2.7.9nb1 arbitrary-code-execution http://bugs.python.org/issue22885 python34<3.4.3 arbitrary-code-execution http://bugs.python.org/issue22885 libyaml<0.1.6 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 p5-YAML-LibYAML<0.54 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 graphviz<2.38.0nb3 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9157 p5-Mojolicious<5.48 parameter-injection http://advisories.mageia.org/MGASA-2014-0488.html libjpeg-turbo<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092 jasper<1.900.1nb8 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html nss<3.17.3 security-bypass https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes phpmyadmin<4.2.13.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php phpmyadmin<4.2.13.1 denial-of-service http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php wpa_supplicant<2.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 mutt<1.5.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 gettext-tools<0.19.4 denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769901 opera<26 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unified/2600/ firefox>=33<34 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox34 seamonkey<2.31 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.31 thunderbird<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.3 firefox31>=31<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.3 openvpn<2.3.6 denial-of-service https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b mpfr<3.1.2pl11 buffer-overflow http://www.mpfr.org/mpfr-3.1.2/#p11 getmail>=4.0.0<4.43.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7273 getmail>=4.44.0<4.45.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7274 getmail>=4.0.0<4.44.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7275 qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106 bind>=9.0<9.9.6pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 bind>=9.10<9.10.1pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 ap{22,24}-py{34,33,27,26}-wsgi<4.2.4 security-bypass http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html xenkernel42<4.2.5nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-114.html adobe-flash-plugin<11.2.202.425 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-27.html binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17510 binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17552 php{53,54,55,56}-concrete5<5.7.4.2 cross-site-scripting http://morxploit.com/morxploits/morxconxss.txt ghostscript-gpl<9.06nb3 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html asterisk>=11.0<11.14.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=12.0<12.7.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=13.0<13.0.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html modular-xorg-server<1.12.4nb6 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ pdns-recursor<3.6.2 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ unbound<1.4.22nb1 denial-of-service http://www.unbound.net/downloads/CVE-2014-8602.txt libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 ffmpeg2<2.5 multiple-vulnerabilities http://ffmpeg.org/security.html typo3>=4.5.0<4.5.37 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.7.0<4.7.20 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=6.1.0<6.1.11 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.5.0<4.5.39 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=4.7.0<4.7.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=6.1.0<6.1.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ rpm<4.11.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435 rpm<4.12.0.1nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118 libyaml<0.1.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 p5-YAML-LibYAML<0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 python26-[0-9]* security-bypass http://bugs.python.org/issue22417 python27<2.7.9 security-bypass http://bugs.python.org/issue22417 python33-[0-9]* security-bypass http://bugs.python.org/issue22417 python34<3.4.3 security-bypass http://bugs.python.org/issue22417 suse{,32}_gtk2<13.1nb4 arbitrary-code-execution http://lists.opensuse.org/opensuse-updates/2014-12/msg00062.html git-base<2.2.1 client-code-execution-from-hostile-server http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7401 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7402 ruby{193,200,215}-mcollective<2.5.3 security-bypass http://puppetlabs.com/security/cve/cve-2014-3251 ettercap-[0-9]* multiple-vulnerabilities https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771 heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844 rrdtool<1.4.9 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2131 ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-3580-advisory.txt ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-8108-advisory.txt ruby{193,200,215}-puppet<3.7.1 sensitive-information-disclosure http://puppetlabs.com/security/cve/cve-2014-9355 php>=5.4<5.4.36 denial-of-service http://php.net/ChangeLog-5.php#5.4.36 mit-krb5>=1.5<1.10.7nb3 multiple-vulnerabilities http://web.mit.edu/kerberos/krb5-1.12/ libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136 varnish<3.0.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0345 varnish<3.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484 jasper<1.900.1nb9 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html ghostscript-gpl<9.06nb4 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html php>=5.5<5.5.20 denial-of-service http://php.net/ChangeLog-5.php#5.5.20 php>=5.6<5.6.4 denial-of-service http://php.net/ChangeLog-5.php#5.6.4 ntp<4.2.8 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141 unzip<6.0nb2 denial-of-service http://seclists.org/oss-sec/2014/q4/1131 sox<1.14.2 heap-overflow http://www.ocert.org/advisories/ocert-2014-010.html mediawiki<1.24.1 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.8 libssh<0.64 multiple-vulnerabilities http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ exiv2<0.25 heap-overflow http://dev.exiv2.org/issues/960 libsndfile<1.0.25nb2 multiple-vulnerabilities http://secunia.com/advisories/61132 wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-03.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-04.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-05.html ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682 ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26699 libreoffice4>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 libreoffice4-bin>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 apache>=2.4<2.4.10nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109 gnupg2<2.0.26 arbitrary-code-execution http://secunia.com/advisories/61939/ png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 libevent<2.0.22 integer-overflow https://raw.githubusercontent.com/libevent/libevent/release-2.0.22-stable/ChangeLog arc-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-9275 privoxy<3.0.22 multiple-vulnerabilities http://secunia.com/advisories/62123 zoneminder<1.28.0 system-compromise https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.0 curl>=7.31.0<7.39.0nb1 security-bypass http://curl.haxx.se/docs/adv_20150108B.html lftp<4.4.6nb4 ssl-certificate-spoofing https://github.com/lavv17/lftp/issues/116 webmin<1.730 sensitive-information-disclosure http://www.webmin.com/changes.html pwgen<2.07 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440 pwgen<2.07 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442 mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 openssl>=0.9.8<0.9.8zd multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.0<1.0.0p multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.1<1.0.1k multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt mantis<1.2.19 multiple-vulnerabilities https://www.mantisbt.org/bugs/changelog_page.php?version_id=238 adobe-flash-plugin<11.2.202.429 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-01.html chicken<4.9.0.2 multiple-vulnerabilities http://lists.gnu.org/archive/html/chicken-announce/2015-01/msg00001.html firefox>=34<35 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox35 seamonkey<2.32 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.32 thunderbird<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.4 firefox31>=31<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.4 py{33,32,27}-django>=1.5<1.7.3 multiple-vulnerabilities https://docs.djangoproject.com/en/1.7/releases/1.7.3/ samba>=4<4.1.16 security-bypass https://www.samba.org/samba/security/CVE-2014-8143 asterisk>=12.0<12.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=13.0<13.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=1.8<1.8.32.2 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=11.0<11.15.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=12.0<12.8.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=13.0<13.1.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html djvulibre-tools-[0-9]* insecure-temp-file https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775193 xdg-utils>=1.1.0-rc2<1.1.0-rc4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278612 moodle>=2.8<2.8.2 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=278613 moodle>=2.8<2.8.2 information-leak https://moodle.org/mod/forum/discuss.php?d=278614 moodle>=2.8<2.8.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=278615 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278616 moodle>=2.8<2.8.2 denial-of-service https://moodle.org/mod/forum/discuss.php?d=278617 kde-workspace-[0-9]* sensitive-information-disclosure https://www.kde.org/info/security/advisory-20150122-2.txt websvn-[0-9]* symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6892 py{34,33,27,26}-Pillow<2.7.0 denial-of-service http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits ffmpeg2<2.5.2 multiple-vulnerabilities http://ffmpeg.org/security.html mysql-server>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-server>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL sympa<6.1.24 remote-file-access https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting_cve-2015-1306 jasper<1.900.1nb10 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html adobe-flash-plugin<11.2.202.438 security-bypass http://helpx.adobe.com/security/products/flash-player/apsb15-02.html adobe-flash-plugin<11.2.202.440 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-03.html sun-{jdk,jre}7<7.0.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA openjdk7<1.7.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA rabbitmq<3.4.1 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.1.txt polarssl-[0-9]* arbitrary-code-execution https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 bugzilla<4.4.7 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.15/ libvirt<1.2.12 security-bypass http://security.libvirt.org/2015/0001.html webkit-gtk<2.4.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0001.html privoxy<3.0.23 multiple-vulnerabilities http://secunia.com/advisories/62147/ clamav<0.98.6 multiple-vulnerabilities http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html adobe-flash-plugin<11.2.202.442 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-04.html php{53,54,55}-piwigo<2.5.6 sql-injection http://piwigo.org/forum/viewtopic.php?id=25016 rabbitmq<3.4.3 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.3.txt mit-krb5<1.10.7nb5 multiple-vulnerabilities http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923 icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926 ntp<4.2.8p1 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 squid<3.4.12 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 squid>=3.5.0<3.5.2 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829 openldap>=2.4.13<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 openldap<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 moodle<2.8.3 directory-traversal http://www.secunia.com/advisories/62769/ php>=5.4<5.4.36 http-response-splitting http://secunia.com/advisories/62831 php>=5.5<5.5.22 http-response-splitting http://secunia.com/advisories/62831 php>=5.6<5.6.6 http-response-splitting http://secunia.com/advisories/62831 postgresql90-server<9.0.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql91-server<9.1.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql92-server<9.2.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql93-server<9.3.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql94-server<9.4.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql90-pgcrypto<9.0.19 buffer-overrun http://secunia.com/advisories/62806 postgresql91-pgcrypto<9.1.15 buffer-overrun http://secunia.com/advisories/62806 postgresql92-pgcrypto<9.2.10 buffer-overrun http://secunia.com/advisories/62806 postgresql93-pgcrypto<9.3.6 buffer-overrun http://secunia.com/advisories/62806 postgresql94-pgcrypto<9.4.1 buffer-overrun http://secunia.com/advisories/62806 ghostscript-gpl<9.06nb4 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html e2fsprogs<1.42.12 heap-overflow http://www.ocert.org/advisories/ocert-2015-002.html vorbis-tools<1.4.0nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 apache-tomcat>=7.0<7.0.55 security-bypass http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55 apache-tomcat>=6.0<6.0.43 security-bypass http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.43 modular-xorg-server<1.12.4nb8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255 cabextract<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556 ruby{18,193,200,215}-facter<2.4.1 information-leakage http://puppetlabs.com/security/cve/cve-2015-1426 elasticsearch<1.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1427 ruby18-base>=1.8.7<1.8.7.374nb2 denial-of-service http://secunia.com/advisories/62920 antiword<0.37nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8123 cups<2.0.2 buffer-overflow https://www.cups.org/str.php?L4551 contao33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao32<3.2.19 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao33<3.3.7nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao34<3.4.4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 jabberd>=2<999 information-disclosure https://github.com/jabberd2/jabberd2/issues/85 py{25,26,27,33,34}-django<1.6.6 multiple-vulnerabilities http://secunia.com/advisories/60181/ ffmpeg1<1.2.11 multiple-vulnerabilities http://secunia.com/advisories/62968/ ffmpeg2<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/62968/ gnupg2<2.0.27 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/02/13/14 roundcube<1.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1433 gcpio<2.13 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197 sun-j{re,dk}7<7.0.71 multiple-vulnerabilities http://secunia.com/advisories/62516 sudo<1.7.10p9 arbitrary-file-access http://www.sudo.ws/sudo/alerts/tz.html patch>=2.7.1<2.7.3 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/189 zoneminder<1.28.1 security-bypass http://secunia.com/advisories/62918/ php>=5.4<5.4.37nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.5<5.5.21nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.6<5.6.5nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php{53,54,55,56}-piwigo<2.7.4 sql-injection http://seclists.org/fulldisclosure/2015/Feb/73 bind>=9.7.0<9.9.6pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 bind>=9.10.1<9.10.1pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 cabextract<1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-2060 suse{,32}_base<13.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 typo3>=4.5.0<4.5.39 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-001/ lame<3.99.5nb2 arbitrary-code-execution http://secunia.com/advisories/62995/ php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.4<5.4.36 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.5<5.5.20 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.6<5.6.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 ffmpeg2<2.5.4 unknown http://secunia.com/advisories/62944 ffmpeg1<1.2.12 unknown http://secunia.com/advisories/63009 clamav<0.96.6 denial-of-service http://secunia.com/advisories/62443 sun-{jdk,jre}7>=6.0.85<6.0.86 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}7>=7.0.72<7.0.73 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355 php>=5.4<5.4.36 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.5<5.5.20 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.6<5.6.4 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.4<5.4.37 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.5<5.5.21 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.6<5.6.5 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 mysql-client>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-server>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL suse{,32}_krb5-[0-9]* denial-of-service http://www.secunia.com/advisories/62976 openjdk7-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.6<3.6.25 unexpected-code-execution https://www.samba.org/samba/security/CVE-2015-0240 ruby{18,193,200,215}-redcloth-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6684 xdg-utils<1.1.1 command-injection https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777722 xentools45<4.5.0nb2 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools42<4.2.5nb3 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools41-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools33-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-hvm-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel45<4.5.0nb2 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel42<4.2.5nb5 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel41<4.1.6.1nb15 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel33-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel3-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933 suse{,32}_base<13.1nb8 denial-of-service http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html firefox31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 xulrunner31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 thunderbird<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.5 firefox>=35.0.1<36 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox36 dojo<1.10.3 multiple-vulnerabilities http://dojotoolkit.org/blog/dojo-security-advisory-2014-12-08 p5-gtk2-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3173 rt4<4.2.10 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/rt-4210-released.html rt<3.8.17nb4 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html tcllib<1.15nb1 cross-site-scripting http://core.tcl.tk/tcllib/tktview/09110adc430de8c91d26015f9697cdd099755e63 tcl-snack-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303 glusterfs<3.5.3 denial-of-service https://github.com/gluster/glusterfs/blob/v3.5.3/doc/release-notes/3.5.3.md gnupg<1.4.19 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html libgcrypt<1.6.3 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html jenkins<1.596.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27 qt4-libs<4.8.6nb4 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html qt5-qtbase<5.4.0nb1 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html unace-[0-9]* buffer-overflow https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003 gnats<4.2.0 local-privilege-escalation http://permalink.gmane.org/gmane.org.fsf.announce/2284 py{26,27}-rope-[0-9]* remote-code-execution https://github.com/python-rope/rope/issues/105 wireshark<1.10.13 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 tcpdump<4.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155 librsvg<2.40.8 denial-of-service https://download.gnome.org/sources/librsvg/2.40/librsvg-2.40.8.news libssh2<1.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782 cups-filters<1.0.66 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336 cups-filters<1.0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337 opera<28 unknown-impact http://www.opera.com/docs/changelogs/unified/2800/ suse{,32}_freetype2-<13.1nb2 multiple-vulnerabilities http://www.suse.com/support/update/announcement/2015/suse-su-20150463-1.html adobe-flash-plugin<11.2.202.451 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-05.html py{26,27,33,34}-django<1.7.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241 percona-toolkit<2.2.13 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804 phpmyadmin<4.3.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php openssl>0.9.8<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.1<1.0.1m multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.2<1.0.2a multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=12.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=13.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ avr-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ binutils-mips-current<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ freemint-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-elf-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-hms-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ mingw-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ nios2-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ cross-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ xerces-c<3.1.2 multiple-vulnerabilities http://secunia.com/advisories/63516/ firefox<36.0.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox<36.0.4 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ firefox31<31.5.2 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox31<31.5.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ icu<55.1 integer-overflow http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654 nodejs<0.10.37 privilege-escalation http://blog.nodejs.org/2015/03/14/node-v0-10-37-stable tiff<4.0.4beta multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=10.0 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=12.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=13.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html putty<0.64 privacy-leak http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html ffmpeg2<2.5.1 use-after-free http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933 gnutls<3.1.0 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-0282 gnutls<3.3.13 ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2015-0294 moodle>=2.6<2.6.8 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=2.7<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=3.8<3.8.3 multiple-vulnerabilities http://secunia.com/advisories/62957/ lasso<2.4.1 denial-of-service http://secunia.com/advisories/63310/ cups-filters<1.0.66 remote-code-execution http://secunia.com/advisories/63033/ file<5.21 multiple-vulnerabilities http://secunia.com/advisories/63423/ file<5.22 denial-of-service https://www.debian.org/security/2015/dsa-3196 php>=5.4<5.4.39 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.5<5.5.23 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.6<5.6.7 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html py{26,27,33,34}-django>=1.4<1.4.20 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.6<1.6.11 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.7<1.7.7 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ python27<2.7.7 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.6 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python34<3.4.1 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.4 denial-of-service http://seclists.org/oss-sec/2013/q4/558 python34<3.4.0 denial-of-service http://seclists.org/oss-sec/2013/q4/558 drupal>=6<6.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 drupal>=7<7.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 suse{,32}_base>=10.0<13.1nb9 invalid-file-descriptor-reuse http://www.openwall.com/lists/oss-security/2015/01/28/20 suse{,32}_base>=10.0<13.1nb9 buffer-overrun http://www.openwall.com/lists/oss-security/2015/02/04/1 libzip<0.11.2nb1 integer-overflow http://www.openwall.com/lists/oss-security/2015/03/18/1 py{26,27,34,35,36}-mercurial<3.2.4 command-injection http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html php>5.5<5.5.22 use-after-free https://bugs.php.net/bug.php?id=68901 php>5.6<5.6.6 use-after-free https://bugs.php.net/bug.php?id=68901 tor>=0.2.4<0.2.4.26 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html tor>=0.2.5<0.2.5.11 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html gnupg<1.4.19 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html gnupg2<2.0.27 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html php>=5.4<5.4.39 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.39 php>=5.5<5.5.23 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.23 php>=5.6<5.6.7 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.7 mono>=3<3.12.1 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/869 jenkins<1.596.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23 qemu<2.3.0 denial-of-service https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html suse{,32}_qt4-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html e2fsprogs<1.42.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572 py{26,27,33,34}-numpy<1.9.2 insecure-temp-file https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15 libtasn1<4.4 stack-overflow http://lists.gnu.org/archive/html/help-libtasn1/2015-03/msg00002.html nginx>=1.5<1.5.12 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html nginx>=1.3.15<1.4.7 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9706 py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838 shibboleth-sp<2.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2684 mailman<2.1.20 input-validation https://mail.python.org/pipermail/mailman-announce/2015-March/000207.html stunnel<5.14 security-bypass http://www.stunnel.org/pipermail/stunnel-announce/2015-March/000096.html subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0202-advisory.txt ap{22,24}-subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0248-advisory.txt ap{22,24}-subversion<1.8.13 spoofing http://subversion.apache.org/security/CVE-2015-0251-advisory.txt mediawiki<1.24.2 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.24#MediaWiki_1.24.2 xentools45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools42<4.2.5nb4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools41<4.1.6.1nb7 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-hvm-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html apache-cassandra<2.1.4 remote-code-execution http://www.openwall.com/lists/oss-security/2015/04/01/6 firefox<37 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37 firefox<37.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37.0.1 firefox31<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.6 thunderbird<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.6 tor<0.2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2928 ntp<4.2.8p2 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 ntp<4.2.8p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 pigz<2.3.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1191 chrony<1.31.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1853 asterisk>=1.8<1.8.32.3 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=11.0<11.17.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=12.0<12.8.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=13.0<13.3.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html dpkg<1.16.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840 icecast<2.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026 php55-gd<5.5.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 php56-gd<5.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 gd<2.1.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 arj<3.10.22nb2 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0556 arj<3.10.22nb2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0557 arj<3.10.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2782 coreutils<8.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 less<475 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9488 gtk3+<3.11.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949 erlang<17.0 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693 xlockmore{,-lite}<5.45 security-bypass http://calypso.tux.org/pipermail/xlock-announce/2014/000059.html jetty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254 wesnoth<1.12.2 remote-file-read https://bugs.mageia.org/show_bug.cgi?id=15685 php{53,54,55,56}-orangehrm-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/535245 tor>=0.2.4.0<0.2.4.27 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released tor>=0.2.5.0<0.2.5.12 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released socat<1.7.3.0 denial-of-service http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt xenkernel45<4.5.0nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-127.html xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html libX11<1.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7439 chrony<1.31.1 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3222 php>=5.4<5.4.40 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.40 php>=5.5<5.5.24 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.24 php>=5.6<5.6.8 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.8 qt4-libs<4.8.7 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html qt5-libs<5.4.2 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html suse{,32}_qt4-[0-9]* multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html adobe-flash-plugin<11.2.202.457 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-06.html ruby200-base<2.0.0p645 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby21-base<2.1.6 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby22-base<2.2.2 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ libX11<1.5.1 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/ sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk7<1.7.80 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk8<1.8.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA libxml2<2.9.2nb2 denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1211278 #not applicable: mod_copy not enabled and no option to enable it #proftpd-[0-9]* security-bypass http://bugs.proftpd.org/show_bug.cgi?id=4169 sqlite3<3.8.9 multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html suse{,32}_sqlite3-[0-9]* multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html icecast<2.4.2 denial-of-service http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html ruby18-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby193-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby200-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby215-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 gst-plugins0.10-bad-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3225 pppd<2.4.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 gnutls<3.3.14 arbitrary-code-execution http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8077 libksba<1.3.3 multiple-vulnerabilities https://blog.fuzzing-project.org/7-Multiple-vulnerabilities-in-GnuPG,-libksba-and-GpgOL-TFPA-0032015.html openssl>=1.0.2<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 suse{,32}_openssl<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 mysql-server>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL mysql-client>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL libxml2<2.9.2nb3 arbitrary-memory-access https://bugzilla.gnome.org/show_bug.cgi?id=746048 firefox<37.0.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ p5-Module-Signature<0.75 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q2/59 xenkernel42<4.2.5nb8 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html xenkernel45<4.5.1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html curl>=7.37.0<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422A.html curl>=7.10.6<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422B.html curl>=7.10.6<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422C.html curl>=7.37.0<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422D.html wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ php{53,54,55}-ja-wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ salt<2014.7.4 symlink-attack http://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html net-snmp<5.7.3nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-5621 wpa_supplicant>=1.0<2.5 heap-overflow http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt dnsmasq<2.73rc4 arbitrary-memory-access https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/ pdns-recursor<3.7.2 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ powerdns<3.4.4 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ file<5.22nb1 denial-of-service https://github.com/file/file/commit/3046c231e1a2fcdd5033bea0603c23f435a00bd7 t1utils<1.39 buffer-overflow https://github.com/kohler/t1utils/issues/4 magento-[0-9]* multiple-vulnerabilities http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/ libreoffice4<4.4.2.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ libreoffice4-bin<4.4.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ php{53,54,55}-ja-wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ librsync<1.0.0 weak-hash https://github.com/librsync/librsync/issues/5 elasticsearch>1.4<=1.4.4 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released elasticsearch>1.5<=1.5.2 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released glusterfs<3.5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 glusterfs-3.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 ffmpeg<2.6.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 horde<5.2.5 cross-site-scripting http://lists.horde.org/archives/announce/2015/001088.html imp<6.2.8 cross-site-scripting http://lists.horde.org/archives/announce/2015/001089.html mysql-client<5.7.3 ssl-downgrade http://www.ocert.org/advisories/ocert-2015-003.html libarchive<3.1.2nb1 denial-of-service https://github.com/libarchive/libarchive/issues/502 clamav<0.98.7 multiple-vulnerabilities http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release libtasn1<4.5 heap-overflow https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html squid<3.5.4 ssl-cert-spoofing http://www.squid-cache.org/Advisories/SQUID-2015_1.txt curl>=7.1<7.42.1 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150429.html libssh<0.65 double-free https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/ p5-XML-LibXML<2.0119 remote-file-read http://seclists.org/oss-sec/2015/q2/313 mariadb-server<5.5.43 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ pound<2.7 man-in-the-middle-attack https://www.debian.org/security/2015/dsa-3253 apache-tomcat>=6.0<6.0.44 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=7.0<7.0.55 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=8.0<8.0.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 salt<2015.5.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/05/02/1 wpa_supplicant<2.5 multiple-vulnerabilities http://seclists.org/bugtraq/2015/May/77 icu<55.1 multiple-vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt postgresql9{0,1,2,3,4}-postgis2<2.1.3 security-bypass http://postgis.net/2014/05/19/postgis-2.0.6_and_2.1.3 libraw<0.16.1 denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html ruby{193,200,215}-redcarpet<3.2.3 cross-site-scripting http://openwall.com/lists/oss-security/2015/04/07/11 dcraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html gimp-ufraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html adobe-flash-plugin<11.2.202.460 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-09.html wireshark<1.10.14 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.14.html firefox<38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 firefox31<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.7 firefox36-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ thunderbird<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 firefox24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh<6.6.1nb6 heap-overflow http://www.openwall.com/lists/oss-security/2015/05/16/3 php{54,55,56}-concrete5<5.7.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2250 testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release p5-Module-Signature<0.75 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/04/07/1 phpmyadmin<4.3.13.1 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php qemu<2.2.1nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 qemu>=2.3.0<2.3.0nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 xentools42<4.2.5nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html xentools45<4.5.0nb4 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html apache-tomcat>=6.0<6.0.44 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E apache-tomcat>=7.0<7.0.59 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E apache-tomcat>=8.0<8.0.18 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E php>=5.4<5.4.41 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.41 php>=5.5<5.5.25 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.25 php>=5.6<5.6.9 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.9 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9718 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2756 fcgi<2.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6687 ipsec-tools<0.7.3nb3 null-dereference https://www.altsci.com/ipsec/ipsec-tools-sa.html zeromq<4.0.6 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 zeromq>=4.1.0<4.1.1 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 moodle>=2.8<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.7<2.7.8 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.6<2.6.11 multiple-vulnerabilities http://secunia.com/advisories/64167/ avidemux-[0-9]* multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0233.html libntfs-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 fuse-ntfs-3g-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 postgresql90-server<9.0.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql91-server<9.1.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql92-server<9.2.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql93-server<9.3.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql94-server<9.4.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ pgbouncer<1.5.5 denial-of-service http://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/ cups<2.0.3 privilege-escalation http://www.cups.org/str.php?L4609 php>=5.4<5.4.42nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.5<5.5.26nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.6<5.6.10nb1 use-after-free https://bugs.php.net/bug.php?id=69737 elasticsearch<1.6.0 unknown-impact https://www.elastic.co/blog/elasticsearch-1-6-0-released concrete5<5.7.4.1 sql-injection http://karmainsecurity.com/KIS-2015-03 concrete5<5.7.4 cross-site-scripting http://karmainsecurity.com/KIS-2015-02 concrete5<5.7.4 remote-code-execution http://karmainsecurity.com/KIS-2015-01 openssl>1.0.1<1.0.1n multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt openssl>1.0.2<1.0.2b multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt jdbc-mysql<5.1.35 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575 xentools42<4.2.5nb12 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html xentools45<4.5.3 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html qemu<2.4.0 heap-overflow https://lists.gnu.org/archive/html/qemu-devel/2015-06/msg02847.html qemu<2.4.0 denial-of-service http://www.openwall.com/lists/oss-security/2015/05/23/4 xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools3-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools33-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools41-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html ffmpeg2<2.6.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 ffmpeg2<2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3417 sqlite3<3.8.9 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 p7zip-9.20.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038 suse{,32}_base>=13.1<13.1nb9 privilege-escalation http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html drupal>=6<6.36 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 drupal>=7<7.38 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 cacti<0.8.8d sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665 libmimedir-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3205 wpa_supplicant<2.5 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145 xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143 adobe-flash-plugin<11.2.202.466 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-11.html libxml2<2.9.2 denial-of-service https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df nginx>=1.6<1.6.2 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html nginx>=1.7<1.7.5 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html mantis<1.2.16 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=275 freeradius<2.2.8 invalid-crl-checks http://www.ocert.org/advisories/ocert-2015-008.html adobe-flash-plugin<11.2.202.468 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-14.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617A.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617B.html wireshark<1.12.6 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html ruby{18,193,200,215}-rubygems<2.4.8 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4020 cryptopp-[0-9]* sensitive-information-exposure http://www.mail-archive.com/cryptopp-users@googlegroups.com/msg07835.html haproxy<1.5.14 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3281 openssl<1.0.1o signature-forgery https://www.openssl.org/news/secadv_20150709.txt openssl>1.0.2<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt suse{,32}_openssl<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt geeklog>=2.1.0<2.1.0nb1 cross-site-scripting https://www.geeklog.net/article.php/file-manager-vulnerability contao34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libwmf<0.2.8.4nb16 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0848 libwmf<0.2.8.4nb16 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4696 fuse>=2.0<2.9.4 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3202 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4695 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4588 firefox<39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39 firefox31<31.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 firefox38<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.1 thunderbird<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 thunderbird31-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 nss<3.19.1 ssl-downgrade https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes bind>=9.7.1<9.9.7pl1 denial-of-service https://kb.isc.org/article/AA-01267 bind>=9.10.1<9.10.2pl2 denial-of-service https://kb.isc.org/article/AA-01267 adobe-flash-plugin<11.2.202.481 use-after-free https://helpx.adobe.com/security/products/flash-player/apsb15-16.html cups-filters<1.0.71 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3279 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 ntp<4.2.8p3 multiple-vulnerabilities http://bugs.ntp.org/show_bug.cgi?id=2853 nodejs<0.12.6 memory-corruption http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/ adobe-flash-plugin<11.2.202.491 remote-hijacking https://helpx.adobe.com/security/products/flash-player/apsa15-04.html py{26,27,33,34}-django>=1.4<1.4.21 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.7<1.7.9 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.8<1.8.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ cacti<0.8.8d cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967 ruby{18,193,200,21,22}-redcarpat<3.3.2 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147 elasticsearch<1.6.1 remote-code-execution https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 elasticsearch>=1.0.0<1.6.1 directory-traversal https://discuss.elastic.co/t/elasticsearch-directory-traversal-vulnerability-cve-2015-5531/25737 mysql-server>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-server>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL db5-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixBDB sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA oracle-{jdk,jre}8<8.0.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk8<1.8.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA xentools41-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html tidy>=20000804<20091027nb6 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/07/15/3 apache>=2.2<2.2.31 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3185 cacti<0.8.8e sql-injection http://www.openwall.com/lists/oss-security/2015/07/18/4 openssh<6.9.1nb1 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600 expat<2.1.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 bind>=9.7.1<9.9.7pl2 denial-of-service https://kb.isc.org/article/AA-01272 bind>=9.10.1<9.10.2pl3 denial-of-service https://kb.isc.org/article/AA-01272 dhcpcd<6.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7912 dhcpcd<6.10.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913 xmltooling<1.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt opensaml<2.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt wordpress<4.2.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3440 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 squid<3.5.6 security-bypass http://www.squid-cache.org/Advisories/SQUID-2015_2.txt ruby{18,193,200,21,22}-redmine<3.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-redmine<3.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-rack<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 ruby{18,193,200,21,22}-rack>=1.6<1.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 nbpatch<20151107 arbitrary-code-execution https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt openafs<1.6.13 remote-code-execution http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt openafs<1.6.13 authentication-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt ghostscript-gpl<9.06nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 ghostscript-agpl<9.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 php{54,55,56}-ja-wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 openssh<6.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352 wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 php{54,55,56}-ja-wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 suse_openldap<13.1nb1 denial-of-service https://www.suse.com/security/cve/CVE-2015-1546.html firefox<40.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 firefox38<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 adobe-flash-plugin<11.2.202.508 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-19.html libxml2<2.9.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819 gnutls<2.9.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8155 vlc<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9743 openssh<7.0 privilege-escalation http://seclists.org/fulldisclosure/2015/Aug/54 ap24-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3184-advisory.txt ap{22,24}-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3187-advisory.txt gdk-pixbuf2<2.30.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 rt4<4.2.12 multiple-vulnerabilities https://bestpractical.com/release-notes/rt/4.2.12 xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools42<4.2.5nb12 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools45<4.5.1nb5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools42<4.2.5nb12 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html xentools45<4.5.1nb5 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html ansible<1.9.2 ssl-cert-spoofing http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3908 jabberd>=2<999 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2058 clutter<1.16.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3213 libidn<1.31 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059 firefox<38.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/ firefox38<38.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 py{27,33,34}-django>=1.8<1.8.4 denial-of-service https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ vlc<2.2.2 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2015-009.html gnutls<3.3.17 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 thunderbird<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.2 xfsprogs<3.2.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2150 mantis<1.2.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8987 drupal>=6<6.37 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 drupal>=7<7.39 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 wireshark<1.12.7 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html qemu<2.4.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037 firefox<40.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 firefox38<38.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2.1 bind>=9.0.0<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.9.7<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 bind>=9.10.0<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.10.2<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 qemu<2.3.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214 screen<4.3.1 stack-overflow https://savannah.gnu.org/bugs/?45713 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6818 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6826 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6819 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6825 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6824 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6823 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6821 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6822 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6820 xentools44-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-141.html xentools45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-141.html openslp<1.2.1nb8 denial-of-service https://security-tracker.debian.org/tracker/CVE-2015-5177 rt4<4.2.12 code-injection http://blog.bestpractical.com/2015/08/rt-4212-released.html libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 openldap-server<2.4.43 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6908 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1570 magento<1.9.2.1 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2015-6497 powerdns>=3.4.0<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5230 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.23.0<1.23.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.24.0<1.24.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.25.0<1.25.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 gnutls<3.3.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3308 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.23.0<1.23.10 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.24.0<1.24.3 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.25.0<1.25.2 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 rt4<4.2.12 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6506 jenkins-[0-9]* cross-site-request-forgeries http://seclists.org/bugtraq/2015/Aug/161 qemu<2.4.0 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html qemu<2.4.0 buffer-overflow http://seclists.org/oss-sec/2015/q3/302 qemu<2.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154 firefox31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid<3.5.9 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2015_3.txt qemu<2.4.0.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-5225 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278 qemu<2.4.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5279 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-6815 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 bugzilla<5.0.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4499 phpmyadmin<4.3.13.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830 icu<55.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270 adobe-flash-plugin<11.2.202.521 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575 vorbis-tools<1.4.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6749 firefox<41 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 firefox38<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.3 h2o<1.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5638 owncloudclient<1.8.2 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-009 freetype2<2.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9745 typo3<6.2.15 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5956 suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1781 remind<3.1.15 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5957 freeimage<3.17.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0852 ipython>=3.0<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7337 php>=5.4<5.4.45 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.45 php>=5.5<5.5.29 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.29 php>=5.6<5.6.13 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.13 dojo<1.2 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000153.html icu<53.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 php{54,55,56}-matcha-sns<1.3.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644 php{54,55,56}-matcha-sns<1.3.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645 p5-Email-Address<1.912 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7686 freetype2<2.5.3 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5640 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5641 opensmtpd<5.7.3 multiple-vulnerabilities https://www.opensmtpd.org/announces/release-5.7.3.txt adobe-flash-plugin<11.2.202.535 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-25.html adobe-flash-plugin<11.2.202.540 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsa15-05.html firefox<41.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ postgresql90-server<9.0.23 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql90-pgcrypto<9.0.23 information-leak http://www.postgresql.org/about/news/1615/ postgresql91-pgcrypto<9.1.19 information-leak http://www.postgresql.org/about/news/1615/ postgresql92-pgcrypto<9.2.14 information-leak http://www.postgresql.org/about/news/1615/ postgresql93-pgcrypto<9.3.10 information-leak http://www.postgresql.org/about/news/1615/ postgresql94-pgcrypto<9.4.5 information-leak http://www.postgresql.org/about/news/1615/ postgresql84-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql90-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-017 php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-018 mysql-client>=5.5<5.5.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL mysql-server>=5.6<5.6.26 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL openjdk8<1.8.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA oracle-{jdk,jre}8<8.0.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA openjdk7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk7,jre7}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ntp<4.2.8p4 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner wordpress<4.3.1 security-bypass https://wordpress.org/news/2015/09/wordpress-4-3-1/ openafs<1.6.15 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt openafs>=1.7<1.7.33 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt asterisk>=1.8<10 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages policykit<0.113 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4625 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218 policykit<0.113 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3256 php>=5.5<5.5.30 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.30 gdk-pixbuf2<2.32.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7674 phpmyadmin>=4.3<4.3.13.2 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.14.1 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.15.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 phpmyadmin>=4.5<4.5.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 xenkernel41<4.1.6.1nb17 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel42<4.2.5nb9 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel45<4.5.1nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html owncloudclient<2.0.1 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-016 gdk-pixbuf2<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-jasper<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-xlib<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 php{54,55,56}-ja-wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a php{54,55,56}-ja-wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a jasper<1.900.1nb12 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 jasper<1.900.1nb12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517 jasper<1.900.1nb9 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137 jasper<1.900.1nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029 xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html mariadb55-server<5.5.46 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/ mariadb55-server<5.5.45 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5545-release-notes/ unzip<6.0nb5 remote-code-execution http://www.cvedetails.com/cve/CVE-2015-7696/ unzip<6.0nb5 denial-of-service http://www.cvedetails.com/cve/CVE-2015-7697/ postgresql90-server<9.0.23 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 buffer-overflow http://www.postgresql.org/about/news/1615/ xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-153.html p5-HTML-Scrubber<0.15 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000171.html mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697 firefox38<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.4 firefox<42.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox42 nss<3.20.1 multiple-vulnerabilities https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes mediawiki>=1.25.0<1.25.3 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.24.0<1.24.4 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.23.0<1.23.11 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html adobe-flash-plugin<11.2.202.548 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-28.html roundcube<1.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8105 libreoffice>=5.0<5.0.1 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4-bin>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice>=5.0<5.0.0 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ mbedtls<1.3.14 heap-overflow https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 p5-HTML-Scrubber<0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5667 elasticsearch<1.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4165 elasticsearch<1.6.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5377 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295 squid<3.5.2 unauthorized-access http://bugs.squid-cache.org/show_bug.cgi?id=4066 xscreensaver<5.34 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025 png>=1.0<1.0.64 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.1<1.2.54 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.3<1.4.17 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.5<1.5.24 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.6<1.6.19 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698 wireshark<1.12.8 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-30.html openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 pcre<8.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 pcre<8.38 uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 pcre<8.38 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre2<10.20 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 pcre<8.38 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8218 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8216 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8217 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8219 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364 magento-[0-9]* cross-site-request-forgeries http://www.vulnerability-lab.com/get_content.php?id=1643 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1636 proftpd<1.3.5b heap-overflow http://seclists.org/bugtraq/2015/Nov/109 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 libxml2<2.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 suse{,32}_base-[0-9]* uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 suse{,32}_base-[0-9]* integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 suse{,32}_base-[0-9]* sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 libsndfile<1.0.25 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 libsndfile<1.0.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 suse{,32}_libsndfile<13.1nb2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 suse{,32}_libsndfile<13.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 libxslt<1.1.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995 openssl>=1.0.2<1.0.2e multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8077 cyrus-imapd>=2.3<2.3.19 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.4<2.4.18 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.5<2.5.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8078 gcc48{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc49{,-libs}<4.9.4 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc50{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 redis<3.0.6 integer-overflow https://security-tracker.debian.org/tracker/CVE-2015-8080 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 jenkins<1.625.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 putty>=0.54<0.66 integer-overflow http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html nautilus-[0-9]* denial-of-service http://seclists.org/bugtraq/2015/Dec/11 gdm<3.18.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7496 nss<3.20.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-145.html powerdns>=3.4.4<3.4.7 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ sudo<1.8.15 symlink-attack http://www.sudo.ws/stable.html#1.8.15 salt<2015.8.3 multiple-vulnerabilities https://docs.saltstack.com/en/develop/topics/releases/2015.8.3.html thunderbird<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.3 thunderbird<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.4 seamonkey<2.39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.39 openldap<2.4.44nb2 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3276 py{27,33,34}-django>=1.8<1.8.7 information-leak https://www.djangoproject.com/weblog/2015/nov/24/security-releases/ adobe-flash-plugin<11.2.202.554 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-32.html cups-filters<1.2.0 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 cups-filters<1.4.0 input-validation https://www.debian.org/security/2015/dsa-3419 png>=1.6<1.6.20 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472 ap{22,24}-subversion<1.9.3 information-disclosure http://subversion.apache.org/security/CVE-2015-5343-advisory.txt cacti<0.8.8g sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377 cups-filters<1.5.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 go<1.5.2nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 grub2<2.0.3 authentication-bypass http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html xenkernel3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-162.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-164.html xenkernel45<4.5.1nb2 information-disclosure http://xenbits.xen.org/xsa/advisory-165.html xenkernel45<4.5.1nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-166.html firefox<43.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43 firefox38<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.5 bind>=9.9.0<9.9.8pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ bind>=9.10.0<9.10.3pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ giflib-util<5.1.2 heap-overflow https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7555 tiff<4.0.8nb1 arbitrary-memory-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7554 suse{,32}_libtiff-[0-9]* arbitrary-memory-access http://www.securityfocus.com/archive/1/537205 tiff<4.0.7 heap-overflow http://www.securityfocus.com/archive/1/537208 suse{,32}_libtiff-[0-9]* heap-overflow http://www.securityfocus.com/archive/1/537208 phpmyadmin>=4.0.0.0<4.0.10.12 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.4.0.0<4.4.15.2 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.5.0.0<4.5.3.1 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ bugzilla>=2.6<4.2.16 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.3.1<4.4.11 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.5.1<5.0.2 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=2.17.1<4.216 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.3.1<4.4.11 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.5.1<5.0.2 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8662 ffmpeg2<2.8.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8661 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8663 libxml2<2.9.3 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 suse{,32}_libxml2-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 thunderbird<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5 py{27,33,34,35}-trytond>=3.2<3.8.1 unauthorized-access https://security-tracker.debian.org/tracker/CVE-2015-0861 adobe-flash-plugin<11.2.202.559 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-01.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit-gtk{,3}<2.10.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html netsurf<3.4 multiple-vulnerabilities https://marc.info/?l=oss-security&m=145028560403474&w=2 dpkg<1.16.17 off-by-one http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860 samba>=4.0.0<4.1.22 memory-corruption https://www.samba.org/samba/security/CVE-2015-7540.html samba>=4.0.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-8467.html samba>=4.0.0<4.3.2 out-of-bounds-write https://www.samba.org/samba/security/CVE-2015-5330.html samba>=3.2.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-5299.html samba>=3.2.0<4.3.2 man-in-the-middle https://www.samba.org/samba/security/CVE-2015-5296.html samba>=3.0.0<4.3.2 symlink-attack https://www.samba.org/samba/security/CVE-2015-5252.html samba>=4.0.0<4.3.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-3223.html nodejs>=0.12<0.12.9 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=4<4.2.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=5<5.1.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ pcre<8.38nb1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 bugzilla>=5.0<5.0.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 wireshark<1.12.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html git-base<2.6.1 arbitrary-code-execution http://www.openwall.com/lists/oss-security/2015/10/06/1 php{54,55,56}-owncloud>8.2.0<8.2.2 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 subversion>1.9<1.9.3 heap-overflow http://subversion.apache.org/security/CVE-2015-5259-advisory.txt qemu<2.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7512 nss<3.20.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ gummi<0.6.6 symlink-attack http://www.openwall.com/lists/oss-security/2015/10/08/5 typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-015/ py{35,34,33,27}-pygments<2.0.2nb1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8557 foomatic-filters>4 input-validation https://www.debian.org/security/2015/dsa-3419 foomatic-filters>4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1897 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1898 gnutls<3.3.15 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 gnutls>=3.4<3.4.1 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 prosody<0.9.9 multiple-vulnerabilities http://blog.prosody.im/prosody-0-9-9-security-release/ p5-PathTools<3.62 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 php{54,55,56}-owncloud<8.0.9 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud>8.1.0<8.1.4 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud<7.0.12 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.0.0<8.0.10 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.1.0<8.1.5 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<8.1.0 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<7.0.12 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 php{54,55,56}-owncloud>8.0.0<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1779 nghttp2<1.6.0 unknown-impact https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8659 py{27,33,34,35}-rsa<3.3 signature-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1494 openssh<7.1.1nb2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777 openssh<7.1.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778 openssh<7.1.1nb3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907 isc-dhclient<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcp<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcpd<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcrelay<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 roundcube<1.1.4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8770 roundcube<1.1.2 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8793 roundcube<1.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8794 gajim<0.16.5 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 h2o<1.6.2 http-response-splitting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1133 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01336 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01336 php>=5.5<5.5.28 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.28 php>=5.6<5.6.12 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.12 php>=5.5<5.5.27 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.27 php>=5.6<5.6.11 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.11 php>=7.0<7.0.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.1 php>=5.5<5.5.31 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.31 php>=5.6<5.6.17 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.17 php>=7.0<7.0.2 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.2 oracle-{jdk,jre}8<8.0.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA openjdk8<1.8.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA mysql-server>=5.5<5.5.47 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.6<5.6.28 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.7<5.7.10 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1899 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1900 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1901 jasper<1.900.2 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867 suse{,32}_base<13.1nb11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777 suse{,32}_base-[0-9]* stack-overflow https://sourceware.org/bugzilla/show_bug.cgi?id=17905 prosody<0.9.10 spoofing-attack https://prosody.im/security/advisory_20160127/ xenkernel45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-167.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-168.html claws-mail<3.13.1 arbitrary-code-execution https://security-tracker.debian.org/tracker/CVE-2015-8614 php55-fpm<5.5.31 buffer-overflow https://bugs.php.net/bug.php?id=70755 php55-fpm<5.6.17 buffer-overflow https://bugs.php.net/bug.php?id=70755 php70-fpm<7.0.2 buffer-overflow https://bugs.php.net/bug.php?id=70755 ruby{18,193,200,21,22}-activesupport>=3.0<4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport<4.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-actionpack<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-activesupport<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 denial-of-service https://marc.info/?l=oss-security&m=145375035828624&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 directory-traversal https://marc.info/?l=oss-security&m=145375068928706&w=2 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1982 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1983 mariadb-client<5.5.47 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047 magento-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1203 magento<2.0.1 man-in-the-middle https://cxsecurity.com/issue/WLB-2016010129 ntp<4.2.8p6 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit chrony<1.31.2 validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1567 openssl>=1.0.1<1.0.1r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt openssl>=1.0.2<1.0.2f multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt go<1.5.3 weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 libebml<1.3.3 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8789 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8790 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8791 curl<7.47.0 ntlm-authentication-hijack http://curl.haxx.se/docs/adv_20160127A.html curl<7.47.0 directory-traversal http://curl.haxx.se/docs/adv_20160127B.html firefox<44.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox44 firefox38<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6 Radicale<1.1 multiple-vulnerabilities http://radicale.org/news/#2015-12-31@11:54:03 asterisk>=11.0<11.21.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=13.0<13.7.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit-gtk{,3}<2.10.7 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1923 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1924 ffmpeg2<2.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 mit-krb5<1.14.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631 salt<2015.8.4 remote-code-execution https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html firefox<44.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/ firefox38<38.6.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ xymon<4.3.25 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2054 xymon<4.3.25 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2055 xymon<4.3.25 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2056 xymon<4.3.25 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2057 xymon<4.3.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2058 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2328 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2329 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2330 adobe-flash-plugin<11.2.202.569 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-04.html nodejs>=0.12<0.12.10 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=4<4.3.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=5<5.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 postgresql91-server<9.1.20 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql92-server<9.2.15 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql93-server<9.3.11 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql94-server<9.4.6 buffer-overflow http://www.postgresql.org/about/news/1644/ nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 libgcrypt<1.6.5 side-channel https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7576 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7578 ruby{18,193,200,21,22}-activerecord32<3.2.22.1 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 libssh2<1.7.0 weak-cryptography https://www.libssh2.org/adv_20160223.html suse{,32}_base<13.1nb11 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3481 gtk2+<2.24.29nb1 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 gtk3+<3.9.8 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 apache-tomcat>=6.0<6.0.45 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.65 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=8.0<8.0.27 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=7.0<7.0.66 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=8.0<8.0.30 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=6.0<6.0.45 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.67 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=8.0<8.0.30 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.68 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=8.0<8.0.31 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=6.0<6.0.45 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 xerces-c<3.1.3 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0729 gajim<0.16.5 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 thunderbird<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6 websvn-[0-9]* cross-site-scripting https://marc.info/?l=full-disclosure&m=145614987429774&w=2 magento<1.9.2.3 weak-authentication https://magento.com/security/patches/supee-7405 phpmyadmin>=4.0.0.0<4.0.10.13 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.4.0.0<4.4.15.3 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.5.0.0<4.5.4 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803 moodle>=3.0<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0725 moodle>=3.0<3.0.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0724 gcpio<2.13 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2037 phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-9/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-2/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-1/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-3/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-6/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-7/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-8/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-5/ php{55,56,70}-basercms<3.0.9 code-injection http://basercms.net/security/JVN69854312 php{55,56,70}-owncloud>8.2<8.2.2 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt libreoffice<5.0.4 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice<5.0.5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 squid>=3.5<3.5.15 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_2.txt wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-09.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-07.html wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-06.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-05.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-03.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-02.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-08.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-04.html firefox<43.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ graphite2<1.3.5 arbitrary-code-execution http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html ruby{18,193,200,21,22}-actionpack-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7581 ruby{18,193,200,21,22}-actionpack-[0-9]* code-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7579 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7580 drupal-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby192-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby193-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby200-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postfix<3.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde<5.2.9 cross-site-scripting http://lists.horde.org/archives/announce/2016/001140.html py{34,33,27,26}-Pillow<3.1.1 multiple-vulnerabilities https://pillow.readthedocs.org/en/3.1.x/releasenotes/3.1.1.html drupal<7.43 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-001 openssl>=1.0.2<1.0.2g multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-10/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-11/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-12/ phpmyadmin>=4.5.0.0<4.5.5.1 man-in-the-middle https://www.phpmyadmin.net/security/PMASA-2016-13/ roundup<1.5.1 sensitive-information-disclosure https://pypi.python.org/pypi/roundup/1.5.1 libotr<4.1.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2851 firefox<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45 firefox38<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.7 xfce4-thunar<1.6.10nb2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089 php>=5.5<5.5.33 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.33 php>=5.6<5.6.19 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.19 php>=7.0<7.0.4 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.4 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01351/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 isc-dhcpd<4.3.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 nss<3.21.1 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1950 adobe-flash-plugin<11.2.202.577 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-08.html samba>=3<3.9999 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0771 openssh<7.2.2 command-injection http://www.openssh.com/txt/x11fwd.adv ruby{18,193,200,21,22}-actionpack<3.2.22.2 information-leak https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ ruby{18,193,200,21,22}-actionpack<3.2.22.2 remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ ruby{18,193,200,21,22}-redmine-[0-9]* remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ apollo-[0-9]* clickjacking http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt apollo-[0-9]* cross-site-scripting http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt thunderbird<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7 quagga<1.0.20160309 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2342 graphite2<1.3.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/ git-base<2.7.3nb1 multiple-vulnerabilities http://seclists.org/oss-sec/2016/q1/645 pcre<8.38nb2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 pcre2<10.22 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit-gtk{,3}<2.10.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html apollo-[0-9]* arbitrary-code-execution http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt xenkernel45<4.5.1nb2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-159.html xenkernel45<4.5.1nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-160.html xenkernel45<4.5.1nb2 remote-code-execution http://xenbits.xen.org/xsa/advisory-155.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-154.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-170.html oracle-{jdk,jre}8<8.0.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html openjdk8<1.8.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html pixman<0.32.6 integer-overflow https://www.debian.org/security/2016/dsa-3525 dropbear<2016.72 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 libmatroska<1.4.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8792 pidgin-otr<4.0.2 denial-of-service https://www.debian.org/security/2016/dsa-3528 ruby{18,193,200,21,22}-redmine<3.2.0 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3529 inspircd<2.0.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8702 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit-gtk{,3}<2.10.5 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html imlib2<1.4.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3537 imebml<1.3.3 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3538 go>=1.6<1.6nb1 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 putty<0.67 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2563 adobe-flash-plugin<11.2.202.616 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-10.html websvn<2.3.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2511 erlang<18.0 man-in-the-middle http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2774 optipng<0.7.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 lhasa<0.3.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2347 py{27,34,35,36}-mercurial<3.7.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3630 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3068 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3069 srtp<1.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360 exim<4.86.2 privilege-escalation http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1531 py{27,33,34}-django>=1.9<1.9.3 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513 go>=1.5<1.5.4 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 proftpd<1.3.5b unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3125 jenkins<1.642.2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.650 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.642.2 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.650 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.642.2 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 jenkins<1.650 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 perl<5.22.1nb1 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381 bozohttpd<20160415 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8212 cacti<0.8.8g sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8604 nodejs>=0.10.0<0.10.42 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ postgresql95-server<9.5.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1656/ py{27,33,34,35}-django<1.8.10 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 py{27,33,34,35}-django>=1.9<1.9.3 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 cacti-[0-9]* remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3659 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 libvirt-[0-9]* arbitrary-file-access http://security.libvirt.org/2015/0004.html claws-mail<3.13.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8708 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba<4.2.11 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.3<4.3.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.4<4.4.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba<4.2.11 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.3<4.3.8 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.4<4.4.2 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858 qemu<2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1714 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158 qemu<2.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1568 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172 cacti-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313 tiff<4.0.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 suse{,32}_libtiff-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 suse{,32}_libtiff-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 suse{,32}_libtiff-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 xenkernel45<4.5.3 information-leak http://xenbits.xen.org/xsa/advisory-172.html xenkernel45<4.5.3 address-width-overflow http://xenbits.xen.org/xsa/advisory-173.html libssh<0.73 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739 libssh2<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787 py{35,34,33,27}-Pillow<3.1.1 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3499 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3981 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3982 optipng<0.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7801 optipng<0.7.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802 libxml2<2.9.4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 suse{,32}_libxml2-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 py{35,34,33,27}-django-cms-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1821 asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-004.html asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-005.html libvirt>=1.2.14<1.2.20 denial-of-service http://security.libvirt.org/2015/0004.html openssh<7.2.2nb1 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8325 thunderbird>=39<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45 dhcpcd<6.10.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1503 dhcpcd<6.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1504 latex2rtf<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8106 gdk-pixbuf2<2.33 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7552 vlc<2.2.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941 xdelta3<3.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html ffmpeg1-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 ffmepg010-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 squid>=3.5<3.5.14 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2016_1.txt squid>=3.5<3.5.17 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2016_5.txt squid>=3.5<3.5.17 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_6.txt gd<2.1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 hexchat<2.10.2 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7449 mysql-client>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-client>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL oracle-{jdk,jre}8<8.0.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA cairo<1.14.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190 giflib-util<5.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3977 varnish<3.0.7 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852 imlib2<1.4.9 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3555 firefox<46.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46 firefox38<38.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.8 qemu<2.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4002 wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-19.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-20.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-21.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html samba>=4.4<4.4.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-5370.html php>=5.6<5.6.20 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.20 php>=7.0<7.0.6 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.6 ImageMagick<6.9.3.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/02/22/4 poppler<0.40.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8868 subversion>1.9<1.9.4 authentication-bypass http://subversion.apache.org/security/CVE-2016-2167-advisory.txt subversion>1.9<1.9.4 denial-of-service http://subversion.apache.org/security/CVE-2016-2168-advisory.txt php>=5.6<5.6.21 denial-of-service https://secure.php.net/ChangeLog-5.php#5.6.21 ntp<4.2.8p7 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-12.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-13.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-14.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-15.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-16.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-17.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-18.html jq<1.5nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8863 jq<1.5nb4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4074 ImageMagick<6.9.3.10 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3714 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3715 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3716 ImageMagick<6.9.3.10 information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3717 ImageMagick<6.9.3.10 request-forgery http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3718 libtasn1<4.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4008 openssl>=1.0.2<1.0.2h multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt libarchive<3.2.0 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1541 lcms2<2.6 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7455 py{27,34,35,36}-mercurial<3.8.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3105 openafs<1.6.17 remote-security-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt openafs<1.6.17 remote-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt openafs<1.6.16 denial-of-service https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712 xentools45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-179.html wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4476 wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4477 adobe-flash-plugin<11.2.202.621 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-02.html squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_7.txt squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_8.txt squid<3.5.18 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_9.txt ikiwiki<3.20160506 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4561 botan<1.10.13 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.11.0<1.11.27 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.8.3<1.10.8 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.9 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.27 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2196 botan>=1.11.0<1.11.29 ssl-downgrade http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2850 botan>=1.7.15<1.10.13 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 botan>=1.11.0<1.11.29 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 jenkins<1.651.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2016-05-11/ jansson<2.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-4425 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838 libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3705 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html expat<2.1.1nb1 arbitrary-code-execution https://www.debian.org/security/2016/dsa-3582 bugzilla>=4.4<4.4.12 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 bugzilla>=5.0<5.0.3 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 xerces-c<3.1.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099 nss<3.21.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979 php>=5.5<5.5.34 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.34 qemu<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4439 qemu<2.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4441 librsvg<2.40.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7558 librsvg<2.40.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7557 librsvg<2.40.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4348 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330173 moodle>=3.0<3.0.3 referer-leak https://moodle.org/mod/forum/discuss.php?d=330181 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330182 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330180 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330178 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330176 moodle>=3.0<3.0.3 cross-site-request-forgeries https://moodle.org/mod/forum/discuss.php?d=330179 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330174 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330175 wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html php>=5.5<5.5.35 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.35 wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 php{55,56,70}-ja-wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 php{55,56,70}-ja-wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 xenkernel45<4.5.3nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-176.html wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1762 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1833 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1834 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1835 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1836 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1837 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1838 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1839 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1840 libxml2<2.9.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4483 websvn-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1236 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8558 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4037 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4001 qemu<2.6.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4020 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit-gtk<2.12.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html quagga-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049 libvirt<1.3.3 denial-of-service http://www.openwall.com/lists/oss-security/2016/05/24/5 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html jetty>=9.3.0<9.3.9 information-disclosure http://www.ocert.org/advisories/ocert-2016-001.html pgpdump<0.30 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4021 typo<6.2.20 security-bypass http://seclists.org/bugtraq/2016/May/94 perl<5.22.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8853 gd<2.1.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2013-7456 libxml2<2.9.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 libxml2<2.9.4 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 libxml2<2.9.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4562 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4563 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4564 ImageMagick<7.0.1.8 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 GraphicsMagick<1.3.24 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 gdk-pixbuf2<2.33.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875 ansible<1.9.6 insecure-temp-files http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3096 nginx<1.8.1nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 nginx>=1.9<1.9.10nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 xentools45<4.5.3nb3 privilege-escalation http://xenbits.xen.org/xsa/advisory-178.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-179.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-181.html firefox<47.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47 firefox45<45.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.2 libksba<1.3.4 multiple-vulnerabilities http://www.ubuntu.com/usn/USN-2982-1/ ruby{18,21,22,23}-puppet>4.0<4.4.2 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2785 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4453 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4454 qemu<2.6.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5126 qemu<2.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5337 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5238 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 atheme<7.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4478 atheme<7.2.7 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9773 ntp<4.2.8p8 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi freetype2<2.5.4 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 ansible>=1.9<1.9.6.1 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 ansible>=2.0<2.0.2.0 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 vlc<2.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108 clamav<0.99.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html libxslt<1.1.29 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683 libxslt<1.1.29 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684 ocaml<4.03.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869 thunderbird>=45<45.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.1 thunderbird38<38.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.8 adobe-flash-plugin<11.2.202.621 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-15.html adobe-flash-plugin<11.2.202.621 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-03.html drupal>=7<7.44 privilege-escalation https://www.drupal.org/SA-CORE-2016-002 php>=5.6<5.6.22 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.22 php>=5.5<5.5.36 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.36 php>=5.6<5.6.23 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.23 php>=5.5<5.5.37 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.37 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2392 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2538 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2841 h2o<1.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4817 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6702 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177 openssl>=1.0.2<1.0.2i side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2178 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2391 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5300 mDNSResponder<625.41.2 denial-of-service https://www.kb.cert.org/vuls/id/143335 openssl>=1.0.1<1.0.1s multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 openssl<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 php{55,56,70}-contao41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 php{55,56,70}-ja-wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 php{55,56,70}-ja-wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 php{55,56,70}-ja-wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 xerces-c<3.1.4 denial-of-service http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt apache-tomcat>=7.0<7.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 apache-tomcat>=8.0<8.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 libreoffice<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ dnsmasq<2.76 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899 haproxy<1.6.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5360 bzip2<1.0.7 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189 wget<1.18 arbitrary-file-overwrite http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4971 expat<2.2.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 suse{,32}_expat-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 sqlite3<3.13.0 data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt suse{,32}_sqlite3-[0-9]* data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt nodejs>=0.10<0.10.44 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=0.12<0.12.13 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=4<4.4.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=5<5.10.0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 phpmyadmin>=4.6<4.6.3 parameter-injection https://www.phpmyadmin.net/security/PMASA-2016-18/ phpmyadmin>=4.0<4.0.10.16 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.4<4.4.15.7 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.6<4.6.3 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.0<4.0.10.16 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.4<4.4.15.7 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-20/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-25/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.0<4.0.10.16 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.4<4.4.15.7 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.6<4.6.3 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.0<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=4.6<4.6.3 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=5.0.10<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4.15<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.4<4.4.15.6 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin>=4.6<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-14/ contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao41-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao42<4.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 libbpg>=0.9.5 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5637 adobe-flash-plugin<11.2.202.632 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-25.html go>=1.6<1.6.3 input-validation https://golang.org/issue/16405 thunderbird>=45<45.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2 bind>=9.0.0<9.9.9pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.10.0<9.10.4pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.0.0<9.9.9pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 bind>=9.10.0<9.10.4pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 apache-tomcat-5.5.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-6.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-7.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat<8.0.37 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 gimp<2.8.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994 apache<2.2.31nb4 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4<2.4.23nb2 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4.18<2.4.23 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979 libvirt<2.0.0 authentication-bypass http://security.libvirt.org/2016/0001.html apache>=2.4.17<2.4.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546 samba>=4.0<4.2.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.3<4.3.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.4<4.4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 kinit<5.23 information-disclosure https://www.kde.org/info/security/advisory-20160621-1.txt GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8808 GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589 wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-31.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-37.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-38.html py{27,33,34,35}-django>=1.9<1.9.8 cross-site-scripting https://www.djangoproject.com/weblog/2016/jul/18/security-releases/ harfbuzz<1.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8947 php>=5.5<5.6 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=5.6<5.6.24 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=7<7.0.9 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 mysql>=5.5<5.5.50 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL mysql>=5.6<5.6.31 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL bsdiff<4.3nb1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862 php>=5.5<5.5.38 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=5.6<5.6.24 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=7<7.0.9 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 oracle-{jdk,jre}8<8.0.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openjdk8<1.8.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openssh<7.3 valid-account-enumeration http://seclists.org/fulldisclosure/2016/Jul/51 wireshark<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mariadb-server<5.5.50 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6293 p5-DBD-mysql<4.031 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906 gd<2.2.3 multiple-vulnerabilities https://github.com/libgd/libgd/releases/tag/gd-2.2.3 collectd<5.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6254 mit-krb5<1.14.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120 perl<5.22.3 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl>5.24.0<5.24.1 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl<5.22.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 perl>5.24.0<5.24.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 p5-XSLoader-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2180 karchive<5.24 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6232 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xentools46<4.6.3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xenkernel45<4.5.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html xenkernel46<4.6.4 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html redis<3.2.3 insecure-file-permissions https://www.suse.com/security/cve/CVE-2013-7458.html qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 qemu0-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 xentools45<4.5.3nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xentools46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xenkernel45<4.5.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html xenkernel46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html curl>=7.32.0<7.50.1 use-after-free https://curl.haxx.se/docs/adv_20160803C.html suse{,32}_libcurl-[0-9]* use-after-free https://curl.haxx.se/docs/adv_20160803C.html php{55,56,70,71}-ja-wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 php70-gd>=7.0<7.0.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php70-mbstring>=7.0<7.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php56-mbstring>=5.6<5.6.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-mbstring>=5.5<5.5.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-intl>=5.5<5.5.36 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php56-intl>=5.6<5.6.22 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php70-intl>=7.0<7.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php{55,56,70,71}-ja-wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 php{55,56,70,71}-ja-wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 openssh<7.3.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515 openssh<7.3.1 multiple-vulnerabilities http://www.openssh.com/txt/release-7.3 wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-45.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-44.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-48.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-49.html wireshark>=2.0<2.0.5 stack-overflow https://www.wireshark.org/security/wnpa-sec-2016-46.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-47.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-42.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-41.html nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 suse{,32}_mozilla-nspr-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 firefox<48.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48 firefox45<45.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.3 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2016-1513.html stunnel<5.34 unspecified https://www.stunnel.org/sdf_ChangeLog.html stunnel<5.35 unspecified https://www.stunnel.org/sdf_ChangeLog.html fontconfig<2.12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 suse{,32}_fontconfig-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 postgresql91-server<9.1.23 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql92-server<9.2.18 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql93-server<9.3.14 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql94-server<9.4.9 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql95-server<9.5.4 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql91-client<9.1.23 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql92-client<9.2.18 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql93-client<9.3.14 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql94-client<9.4.9 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql95-client<9.5.4 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 gd<2.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6161 libgcrypt<1.7.3 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html gnupg<1.4.21 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html p5-DBD-mysql<4.033 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8949 lighttpd<1.4.41 access-bypass http://www.lighttpd.net/2016/7/31/1.4.41/ php{55,56,70,71}-roundcube<1.1.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4069 binutils<2.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3509 ruby{18,193,200}-bundler<1.7.3 restriction-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0334 lighttpd<1.4.36 inject-log-entries https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200 libarchive<3.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211 libarchive<3.2.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304 eog>=3<3.20.4 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6855 ruby{18,21,22,23}-jquery-rails<3.0.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6662 python27<2.7.12 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python34<3.4.5 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python35<3.5.2 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python27<2.7.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python34<3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python35<3.5.2 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python27<2.7.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 python34<3.4.4 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 mailman<2.1.23 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6893 mailman<2.1.15 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7123 openoffice3{,-bin}-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3575 subversion-base<1.7.17 spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 subversion-base>=1.4.0<1.7.18 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522 libvncserver-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6054 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit-gtk<2.12.4 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4952 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5106 qemu<2.6.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5105 qemu<2.6.1 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5107 libVNCServer<0.9.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055 xenkernel45<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel45>=4.5.3<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html xenkernel46<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel46>=4.6.3<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel46<4.6.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html libidn<1.33 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263 py{27,34,35}-trytond>=3.8<3.8.8 multiple-vulnerabilities http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html libcrack<2.7nb2 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 qemu<2.7.0 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6351 asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-006.html asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html asterisk>=11.0<11.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-50.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-51.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-52.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-53.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-54.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-55.html php70-curl<7.0.10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134 php>=7.0<7.0.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php70-exif<7.0.10 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php56-exif<5.6.25 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php70-wddx<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php56-wddx<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php>=7.0<7.0.10 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php<5.6.25 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php>=7.0<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 php<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 adobe-flash-plugin<11.2.202.635 restriction-bypass https://helpx.adobe.com/security/products/flash-player/apsb16-29.html mysql-server>5.5<5.5.52 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html mysql-server>5.6<5.6.33 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html mysql-server>5.7<5.7.15 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html mariadb-server<5.5.51 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6662 curl<7.50.3 heap-overflow https://curl.haxx.se/docs/adv_20160914.html cryptopp-[0-9]* sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7420 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2179 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2181 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2182 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6302 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6303 php{54,55,56}-owncloud>9.0.0<9.0.4 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-011 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411 php56-mysql<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-mysqli<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php56-intl<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 php70-mysql<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-mysqli<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php70-intl<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 irssi>=0.8.17<0.8.20 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2016.txt openjpeg<2.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7163 flex<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6354 zookeeper<3.4.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5017 mupdf<1.9anb2 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6265 mupdf<1.9anb3 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6525 tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990 php{55,56,70,71}-owncloud<9.0.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7419 icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415 firefox<49.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox49 firefox45<45.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.4 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5426 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5427 powerdns<4.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6172 openssl>=1.0.1<1.0.1u multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0a multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0b use-after-free https://www.openssl.org/news/secadv/20160926.txt openssl>=1.0.2i<1.0.2j null-pointer-dereference https://www.openssl.org/news/secadv/20160926.txt bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01433/74/CVE-2016-2848 bind<9.10.4pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 py{27,34,35}-django<1.8.15 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ py{27,34,35}-django>=1.9<1.9.10 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ file-roller>=3.5.4<3.20.2 local-file-delete https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7162 gd<2.2.3nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php55-gd<5.5.38nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php56-gd<5.6.24nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php70-gd<7.0.9nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php71-gd<7.1.0beta1nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 p5-DBD-mysql<4.037 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 wget<1.18nb3 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7098 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909 qemu<2.7.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7161 inspircd<2.0.23 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7142 irssi<0.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 drupal>=8<8.1.10 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-004 clamav<0.99.2 multiple-vulnerabilities http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html libcares<1.12.0 arbitrary-code-execution https://c-ares.haxx.se/adv_20160929.html mongodb<3.4.0 sensitive-information-disclosure https://jira.mongodb.org/browse/SERVER-25335 gdk-pixbuf2<2.35.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352 adodb<5.20.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405 openjpeg<2.1.2 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7445 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4118 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4119 p5-DBD-mysql<4.037 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658 gd<2.2.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905 nss<3.23.0 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/ nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 nodejs>=6<6.7.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ nodejs>=4<4.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ adobe-flash-plugin<11.2.202.637 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-32.html qemu<2.7.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7423 xenkernel-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-190.html pidgin<2.11.0 multiple-vulnerabilities https://www.pidgin.im/news/security/ ap22-modsecurity<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages shotwell-[0-9]* man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000033 oracle-{jdk,jre}-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA py{27,34,35}-mysql-connector>2.1<2.1.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 py{27,34,35}-mysql-connector>2.0<2.0.5 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 mysql-client>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL openjpeg<2.1.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8332 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115 openjpeg<2.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116 openjpeg<2.2.0 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112 tiff<4.0.8 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8331 moodle-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7919 botan>1.11.29<1.11.32 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8871 tor<0.2.8.9 denial-of-service https://blog.torproject.org/blog/tor-0289-released-important-fixes quagga<1.0.20161017 buffer-overflow https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8333 argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8335 mupdf<1.10 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7506 mupdf<1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505 mupdf<1.10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7504 php>=5.6<5.6.27 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.27 php>=7.0<7.0.12 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.12 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8577 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578 qemu<2.8.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8668 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910 adobe-flash-plugin<11.2.202.643 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-37.html mupdf<1.10 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9136 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9186 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9187 moodle-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9188 py{27,34,35}-Pillow<3.3.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189 py{27,34,35}-Pillow<3.3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190 bind<9.9.9pl4 denial-of-service https://kb.isc.org/article/AA-01434 bind<9.10.4pl4 denial-of-service https://kb.isc.org/article/AA-01434 libxslt<1.1.29 out-of-bounds-read https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880 py{26,27}-moin<1.9.9 multiple-vulnerabilities https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html libX11<1.6.3 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXfixes<5.0.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXi<1.7.7 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrandr<1.5.1 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrender<0.9.10 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXtst<1.2.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXv<1.0.11 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXvmc<1.0.10 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html subversion-base>1.9<1.9.5 denial-of-service https://subversion.apache.org/security/CVE-2016-8734-advisory.txt p5-SOAP-Lite<1.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8978 hdf5<1.8.18 multiple-vulnerabilities http://blog.talosintel.com/2016/11/hdf5-vulns.html p7zip<16.02nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296 tiff<4.0.7 multiple-vulnerabilities http://www.securityfocus.com/bid/94484 drupal>=7<7.5.2 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 drupal>=8<8.2.3 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 libxml2<2.9.4nb1 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318 asterisk>=13.0<13.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-008.html asterisk>=14.0<14.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-009.html asterisk>=11.0<11.25.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=13.0<13.13.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=14.0<14.2.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html criticalmass<1.0.2nb8 ancient-curl-included http://mail-index.netbsd.org/pkgsrc-changes/2016/12/10/msg149940.html firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50 firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.1 firefox<50.0.2 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.2 firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5 firefox45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5.1 thunderbird>=45<45.5 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5 thunderbird>=45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5.1 wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-56.html wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-57.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-58.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-59.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-60.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-61.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-62.html gst-plugins1-good<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 gst-plugins0.10-good-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3724 p5-DBD-mysql<4.041 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1251 libdwarf-[0-9]* heap-buffer-overflow https://www.prevanders.net/dwarfbug.html#DW201611-006 php56-piwigo-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9751 libgsf<1.14.41 null-dereference https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5 apache>2.4.17<2.4.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8740 php{56,70,71}-roundcube<1.1.5 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920 py{27,34,35}-django<1.8.16 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.9<1.9.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.10<1.10.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9106 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9105 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9104 qemu<2.8.0rc0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9103 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9102 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9101 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7995 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7994 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7466 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7422 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7421 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7170 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7157 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7156 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7155 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7116 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6888 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6836 qemu<2.6.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6835 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6834 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6833 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6490 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4964 gtar-base<1.29 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321 phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-29/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-30/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-31/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-32/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-33/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-34/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-35/ phpmyadmin<4.6.4 symlink-attack https://www.phpmyadmin.net/security/PMASA-2016-36/ phpmyadmin<4.6.4 path-traversal https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-39/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-40/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-41/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-42/ phpmyadmin<4.6.4 validation-bypass https://www.phpmyadmin.net/security/PMASA-2016-43/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-45/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-46/ phpmyadmin<4.6.4 authentication-bypass https://www.phpmyadmin.net/security/PMASA-2016-47/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-48/ phpmyadmin<4.6.4 bypass-protection https://www.phpmyadmin.net/security/PMASA-2016-49/ phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-50/ phpmyadmin<4.6.4 reflected-file-download https://www.phpmyadmin.net/security/PMASA-2016-51/ phpmyadmin<4.6.4 security-bypass https://www.phpmyadmin.net/security/PMASA-2016-52/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-53/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-54/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-55/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-56/ phpmyadmin<4.6.5 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-59/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-60/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-63/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-64/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-65/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-66/ phpmyadmin<4.6.5 code-injection https://www.phpmyadmin.net/security/PMASA-2016-67/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-68/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-69/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-70/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-71/ seamonkey<2.40nb7 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ jasper<1.900.29nb1 buffer-overflow https://github.com/mdadams/jasper/issues/93 modular-xorg-server<1.16.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3418 libXv<1.0.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5407 libXtst<1.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7952 libXtst<1.2.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7951 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7950 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7949 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7948 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7947 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7946 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7945 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7943 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7942 libXvMC<1.0.10 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7953 libXfixes<5.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7944 ImageMagick<7.0.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6491 p7zip<16.0 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2334 adobe-flash-plugin<24.0.0.186 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-39.html pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre<8.38 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3217 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre2<10.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 py{27,34,35}-bottle<0.12.11 crlf-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9964 libupnp<1.6.21 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255 libupnp<1.6.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863 tigervnc-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8241 w3m<0.5.3.0.20161218 multiple-vulnerabilities https://github.com/tats/w3m/commit/b3805049f2add9226f6eac1b534626c4e5d9da52 rabbitmq<3.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8786 nagios-base<4.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565 nagios-base<4.2.4 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9566 firefox<50.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/ firefox45<45.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/ php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=5.6<5.6.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 php>=7.1<7.1.0 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 lynx<2.8.8.2nb5 information-leak http://seclists.org/oss-sec/2016/q4/322 php{56,70,71}-roundcube<1.2.0 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4552 py{27,34,35}-docx<0.8.6 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5851 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg3<3.1.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg1-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg3<3.1.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg1-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg2-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.1.4 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9561 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 ffmpeg3<3.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 openjpeg<1.5.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9675 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4658 kdesu<5.7.5 dialog-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7787 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9907 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9923 qemu<2.8.1 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9908 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9911 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9921 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9912 p5-XML-Twig-[0-9]* xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9180 p5-Image-Info<1.39 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9181 exim<4.88 information-leak https://exim.org/static/doc/CVE-2016-9963.txt mantis<1.3.5 arbitrary-code-execution https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html ImageMagick<7.0.3.9 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/ ImageMagick6<6.9.6.7 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/ openssh<7.4 multiple-vulnerabilities http://www.openssh.com/txt/release-7.4 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9776 qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9845 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9913 qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9846 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9915 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9916 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9914 rabbitmq<3.6.6 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9877 contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42<4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao43<4.3.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{56,70,71}-roundcube<1.2.3 remote-code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920 irssi>=0.8.17<0.8.21 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_01.txt php{56,70,71}-piwigo<2.8.5 multiple-vulnerabilities http://piwigo.org/releases/2.8.5 libvncserver<0.9.11 multiple-vulnerabilities https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11 thunderbird>=45<45.6.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/ py{27,34,35,36}-borgbackup<1.0.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10100 py{27,34,35,36}-borgbackup<1.0.9 local-filename-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10099 php{56,70,71}-ja-wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 php{56,70,71}-ja-wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2375 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2373 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2371 pidgin<2.11.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2369 pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2367 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2366 pidgin<2.11.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2365 pidgin<2.11.0 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4323 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2380 pidgin<2.11.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2378 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2370 pidgin<2.11.0 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2374 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2372 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2368 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2376 ruby{18,21,22,23}-fiddle-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2339 ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2337 ruby{18,21,22,23}-bundler-[0-9]* code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7954 php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8704 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8706 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8705 freeimage<3.17.0nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5684 tiff<4.0.7 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5652 bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131 bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131 bind>=9.9.9pl4<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147 bind>=9.10.4pl4<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147 bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444 bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444 screen>=4.5.0<4.5.0nb1 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5618 apache>=2.4.1<2.4.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161 apache>=2.4.1<2.4.25 padding-oracle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736 apache>=2.2.0<2.2.32 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743 apache>=2.4.1<2.4.25 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743 png<1.0.67 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.2<1.2.57 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.4<1.4.20 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.5<1.5.28 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.6<1.6.27 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 apache-tomcat>=6.0.16<6.0.49 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=7.0.0<7.0.74 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=8.0.0<8.0.40 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=8.5.0<8.5.9 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=9.0.0.M1<9.0.0.M15 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 pidgin<2.11.0 information-leak https://www.pidgin.im/news/security/?id=96 pidgin<2.11.0 buffer-overflow https://www.pidgin.im/news/security/?id=93 py{27,34,35,36}-hpack<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6581 chicken<4.12 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6830 chicken<4.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6831 mantis<1.2.19 remote-script-inject https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6837 adobe-flash-plugin<24.0.0.194 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-02.html ntp<4.2.8p9 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se py{27,34,35,36}-urllib3<1.18.1 validation-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9015 guile-[0-9]* insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605 openssl<1.0.2k denial-of-service https://www.openssl.org/news/secadv/20170126.txt bind>=9.9.9pl1<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9778 php>=5.0<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478 php>=7.0<7.0.12 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7480 php>=7.0<7.0.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340 php>=7.1<7.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340 php>=7.0<7.0.15 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7479 ikiwiki<3.20161229 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9645 ikiwiki<3.20161229 commit-metadata-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-9646 ikiwiki<3.20170111 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0356 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5225 guile20<2.0.13 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8606 jenkins<2.32 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299 jenkins-lts<2.19.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299 zoneminder-[0-9]* authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10140 jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8882 jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8883 gstreamer1<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5209 wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1 wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2 ntopng-[0-9]* cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5473 gnutls<3.3.26 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-1 gnutls>=3.4<3.5.8 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-2 GraphicsMagick<1.3.26 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7996 tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9297 mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5627 mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5628 php{56,70,71}-ja-wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1 php{56,70,71}-ja-wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2 unrealircd<3.2.10.7 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144 unrealircd>=4.0<4.0.6 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7997 php{56,70,71}-piwigo<2.8.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5608 tcpdump<4.9.0 multiple-vulnerabilities https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273 mysql-server>5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL libical<2.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5823 libical<3.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5824 libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5825 libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5826 libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-5827 libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9584 mysql-cluster<7.2.27 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.3.15 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.4.13 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200 ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200 ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199 ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199 openjdk8<1.8.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA oracle-{jdk,jre}<8.0.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA ImageMagick<7.0.3.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823 bash<4.4 privilege-elevation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7543 tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453 tiff<4.0.7 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563 tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321 tiff<4.0.7 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319 tiff<4.0.7 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 moodle>=2.7<2.7.15 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=2.8<2.9.7 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=3.0<3.0.5 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=3.1<3.1.1 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 owncloudclient<2.2.3 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7102 wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-01.html wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-02.html magento<2.0.6 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4010 gnuchess<6.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8972 bash<4.4.006 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401 w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9435 xenkernel42-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel45<4.5.5nb2 information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-203.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel45<4.5.5nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel45<4.5.5nb2 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xentools42-[0-9]* arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xentools45<4.5.5nb1 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xentools46<4.6.5 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel42-[0-9]* arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel45<4.5.5nb1 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel46<4.6.5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html ffmpeg3>3.1<3.1.3 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6920 ffmpeg3>3.1<3.1.1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 ffmpeg2>2.0<2.8.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9436 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5545 libdwarf<20160614 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7410 gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317 gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311 gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312 typo3>=6.2<6.2.24 access-bypass https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/ typo3>=6.2<6.2.19 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/ ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2337 squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_10.txt squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_11.txt libbpg-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8710 php>=5.0<5.6.30 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.30 php>=7.0<7.0.15 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.15 php>=7.1<7.1.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.1.1 tcpreplay<4.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160 php{56,70,71}-http<3.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5873 moodle<2.9.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>=3.0<3.0.5 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>=2.7<2.7.16 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=2.8<2.9.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=3.0<3.0.6 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=3.1<3.1.2 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=2.7<2.7.18 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.0<3.0.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.1<3.1.4 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.2<3.2.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=2.7<2.7.18 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.0<3.0.8 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.1<3.1.4 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.2<3.2.1 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336697 quagga<1.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5495 firefox<51.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/ firefox45<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ thunderbird<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/ gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912 unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913 unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844 botan<1.10.15 integer-overflow https://github.com/randombit/botan/commit/8fce1edc0214b1149cbf4723322714f2e22032eb libarchive<3.3.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601 hexchat<2.14.0 stack-overflow https://github.com/hexchat/hexchat/issues/1934 socat<1.7.3.1 openssl-implementation http://www.dest-unreach.org/socat/contrib/socat-secadv7.html libXpm-3.5.12 denial-of-service https://www.debian.org/security/2017/dsa-3772 libquicktime-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2399 cryptopp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9939 potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8695 phpmyadmin<4.6.6 server-side-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-44/ ruby200-archive-tar-minitar-[0-9]* directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10173 librsvg<2.40.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6163 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4797 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3183 zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540089 lcms2<2.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10165 pear-[0-9]* arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5630 bind>=9.9.3<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135 bind>=9.10.0<9.10.4pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192 mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4570 mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4571 psi-[0-9]* weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5593 mcabber<1.0.5 weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5604 squidGuard-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8936 nsd<4.1.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6173 knot<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6171 potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8699 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5241 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7446 GraphicsMagick<1.3.25 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7447 GraphicsMagick<1.3.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7449 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7800 vim<8.0.0322 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5953 gstreamer1<1.10.3 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.3 mysql-client>=5.5.0<5.6.21 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 openafs<1.6.19 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9772 libwebp<0.6.0 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9085 zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540093 cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9082 SOGo<3.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6188 perl<5.24.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8608 mupdf<1.10anb4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5896 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 viewvc<1.1.26 cross-site-scripting http://www.openwall.com/lists/oss-security/2017/02/08/7 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html webkit-gtk<2.14.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html jpeg<9c multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3616 crypto++<5.6.4 timing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3995 libtomcrypt<1.17nb3 signature-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6129 guile20<2.0.13 insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605 tre-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8859 gst-plugins1-ugly<1.10.3nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5847 gstreamer1-plugins-bad-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5848 apache-tomcat-6.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304 apache-tomcat-7.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304 libytnef<1.9.1 null-dereference http://www.securityfocus.com/archive/1/540133 py{27,34,35,36}-crypto<2.6.1nb3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459 slock<1.4 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6866 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7392 mupdf<1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8674 ImageMagick<7.0.3.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8677 ImageMagick<7.0.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8678 libdwarf<20161124 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8679 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8682 GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8683 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8689 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8687 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8688 jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8691 jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8692 jasper<1.900.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8690 ImageMagick<7.0.3.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8862 ImageMagick<7.0.3.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8866 jasper<1.900.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8693 jasper<1.900.30 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9560 ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9773 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html webkit-gtk<2.14.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8684 py{27,34,35,36}-openpyxl<2.4.2 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5992 mysql-client>=5.7.0<5.7.5 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 mariadb-client<=5.5.54 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 pcre<8.40nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6004 p5-DBD-mysql<4.039 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1249 suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5417 dovecot>=2<2.2.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8652 ed<1.14.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5357 SOGo<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9905 mantis<1.2.20 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5364 SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189 SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189 SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190 SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190 mantis<1.3.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7111 wireshark<2.2.5 infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6014 tnef<1.4.13 multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/ munin-server<2.999.6 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6188 SOGo<3.1.3 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6191 ruby{18,21,22,23}-mcollective<2.8.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2788 pcsc-lite<1.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10109 xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9909 py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9910 flightgear<2016.4.4 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9956 ghostscript-agpl<9.23 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 ghostscript-gpl<9.06nb10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 radare2<1.4.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6197 radare2<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6319 radare2<1.4.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6387 radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6415 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4487 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4488 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4489 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4490 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4491 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4492 libiberty-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4493 libiberty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2226 ruby{18,21,22,23}-zip<1.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5946 libdwarf<20160115 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5027 libdwarf<20161124 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9558 vim<8.0.0377 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6349 vim<8.0.0378 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6350 tigervnc<1.7.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5581 tigervnc<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10207 ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8901 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8902 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8903 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10028 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10029 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5240 libreoffice5-bin>5.1<5.1.6 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ libreoffice5-bin>5.2<5.2.2 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ libreoffice>5.3<5.3.0 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5498 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5499 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5500 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5501 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5502 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5503 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5504 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060 ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062 ImageMagick<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062 ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10063 ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10064 ImageMagick<6.9.6.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10068 ImageMagick<7.0.3.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9559 tiff<4.0.7nb3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10092 tiff<4.0.7nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10093 tiff<4.0.7nb6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10094 tiff<4.0.8nb1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10095 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5974 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5975 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5976 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5977 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5978 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5979 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5980 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5981 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5665 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5666 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5851 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9830 hesiod-[0-9]* weak-suid-check https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10151 php70-opcache<7.0.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994 php56-opcache<5.6.29 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994 kio<5.32 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt kdelibs<4.14.30 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3 php{56,70,71}-ja-wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6497 ImageMagick6<6.9.7.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6498 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6499 ImageMagick<7.0.4.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6501 ImageMagick6<6.9.7.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6502 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10061 ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10065 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10066 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10067 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10069 ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10070 ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10071 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6467 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6468 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6469 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6470 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6471 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6472 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6473 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6474 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5834 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5835 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5836 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7969 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7970 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7972 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7406 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7407 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7408 dropbear<2016.74 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7409 php{56,70,71}-owncloud<9.1.3 username-enumeration https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5865 php{56,70,71}-owncloud<9.1.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5866 php{56,70,71}-owncloud<9.1.3 excessive-logging https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5867 freetype<2.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10244 ghoscript<9.20 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5653 ap{22,24}-auth-mellon<0.13.1 cross-site-session-transfer https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6807 ytnef<1.9.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6801 php{56,70,71}-roundcube<1.2.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6820 mantis<1.3.7 javascript-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6797 libupnp<1.6.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8863 tiff<4.0.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5315 firefox45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/ webkit24-gtk{,3}-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9643 R<3.3.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8714 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10169 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10170 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10171 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10172 bitlbee<3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10189 libpurple<2.12.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2640 adobe-flash-player<24.0.0.211 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-07.html binutils<2.26 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9939 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6965 binutils<2.29 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6966 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6969 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7209 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7210 binutils<2.29 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7223 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7224 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7225 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7226 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7227 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9832 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9833 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9834 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9835 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9836 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9838 ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9839 ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9840 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9841 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9842 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9843 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9844 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9845 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9846 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9847 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9848 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9849 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9850 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9851 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9852 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9853 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9854 ImageMagick{6,}<6.6.0.5 off-by-one https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9915 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8894 ImageMagick{6,}<6.9.3.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8896 ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8897 ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8898 ImageMagick{6,}<6.9.4.0 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5239 ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9556 ImageMagick{6,}<6.9.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10046 ImageMagick{6,}<6.9.4.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10047 ImageMagick{6,}<6.9.4.7 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10048 ImageMagick{6,}<6.9.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10049 ImageMagick{6,}<6.9.4.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10050 ImageMagick{6,}-6.9.5.5 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10051 ImageMagick{6,}<6.9.5.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10052 ImageMagick{6,}<6.9.5.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10053 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10054 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10055 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10056 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10057 ImageMagick{6,}<6.9.6.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10058 ImageMagick{6,}<6.9.4.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10059 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060 ImageMagick{6,}<6.9.2.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10252 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6311 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6312 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6313 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6314 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6827 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6828 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6829 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6830 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6831 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6832 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6833 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6834 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6835 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6836 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6837 libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6838 libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6839 jasper<1.900.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8885 jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10248 jasper<1.900.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10249 jasper<1.900.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10250 jasper<1.900.20 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10251 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5505 jasper<2.0.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6850 jasper<2.0.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6851 jasper<2.0.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6852 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6435 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6436 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6437 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6438 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6439 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6440 podofo<0.9.4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8981 podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6840 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6841 podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6842 podofo-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6843 podofo<0.9.6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6844 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6845 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6846 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6847 podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6848 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6849 gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6906 gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10166 gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10167 gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10168 mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10246 mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10247 mupdf<1.11 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6060 moodle<3.2.2 sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2641 moodle>3.2<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2643 moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2644 moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2645 potrace<1.15 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7263 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10155 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5525 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5526 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5578 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5579 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5667 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5856 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5987 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6058 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6505 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207 ghostscript-gpl<9.06nb11 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207 mantis<2.1.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7222 sane-backends<1.0.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6318 git-base<1.9.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9938 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6335 sysinfo-[0-9]* local-privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6516 php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6905 php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6908 libevent<2.1.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10195 ImageMagick<7.0.4.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7275 ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5510 ImageMagick<7.0.5.4 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5511 ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507 ImageMagick6<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507 ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509 ImageMagick6<6.9.8.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509 ImageMagick<7.0.4.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508 ImageMagick6<6.9.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5506 ImageMagick6<6.9.6.8 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10146 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10144 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10145 proftpd<1.3.5d symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7418 tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7392 tigervnc<1.7.90 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7393 tigervnc<1.7.90 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7394 tigervnc<1.7.90 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7395 tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7396 pitivi<0.95 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0855 py{27,34,35,36}-cryptography<1.5.2 weak-cryptography https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9243 mantis<1.3.8 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis>=2.1<2.1.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis>=2.2<2.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 ghostscript-agpl<9.23 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217 ghostscript-gpl<9.06nb12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10218 ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219 ghostscript-gpl<9.06nb12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220 ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220 ghostscript-agpl<9.22 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951 ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951 ghostscript-agpl<9.23 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317 ghostscript-gpl-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317 podofo<0.9.6 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7378 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7379 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7380 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7381 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7382 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7383 yara<3.6.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10210 yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10211 yara<3.6.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5923 yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5924 collectd<5.7.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7401 jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8884 jasper<1.900.11 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8886 jasper<1.900.10 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8887 jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9262 jasper<1.900.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9387 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9388 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9389 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9390 jasper<2.0.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9391 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9392 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9393 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9394 jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9395 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9396 jasper<1.900.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9397 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9398 jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9399 jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9557 php{56,70,71}-owncloud>=9.0<9.0.6 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467 php{56,70,71}-owncloud>=9.1<9.1.2 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467 php{56,70,71}-owncloud>=9.0<9.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468 php{56,70,71}-owncloud>=9.1<9.1.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468 php{56,70,71}-owncloud>=9.0<9.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463 php{56,70,71}-owncloud>=9.1<9.1.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463 php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466 php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466 php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9461 php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9462 php{56,70,71}-owncloud>=9.0<9.0.4 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9460 php{56,70,71}-owncloud>=9.0<9.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9459 php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465 php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465 libxslt<1.1.29 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2015-9019 py{27,34,35,36}-django>=1.10<1.10.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2017/apr/04/security-releases/ xenkernel45<4.5.5nb5 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html xenkernel46<4.6.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html xenkernel48<4.8.0nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html py{27,34,35,36}-trytond<4.2.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-0360 apache-tomcat>=7.0<7.0.72 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816 apache-tomcat>=8.0<8.0.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816 asterisk>=13.0<13.14.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html asterisk>=14.0<14.3.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html curl<7.53.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7407 dovecot<2.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages radare2<1.4.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6448 radare2<1.3.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6194 radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7274 yaml-cpp-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5950 mupdf<1.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-10221 mupdf<1.10nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7264 libarchive<3.3.1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10209 putty<0.68 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6542 hesiod-[0-9]* privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2016-10152 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-arm-none-eabi-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-freemint-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-h8300-elf-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 mingw-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 nios2-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 avr-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-h8300-hms-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 qemu<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9922 qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5931 qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5973 ntp<4.2.8p10 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu bash<4.4.007 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-5932 chicken<4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6949 chicken<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-4556 irssi<1.0.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7191 ark<16.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5330 nagios-base-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6209 openslp-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-4912 moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349420 moodle<3.2.2 sql-injection https://moodle.org/mod/forum/discuss.php?d=349419 moodle<3.2.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=349421 moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349422 moodle-[0-9]* cross-site-scripting http://www.daimacn.com/post/12.html potrace-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7263 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7246 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7245 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7244 pcre<8.40nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186 pcre2<10.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186 libgit2<0.25.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10129 libgit2<0.25.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-10130 libgit2<0.25.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10128 libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9275 libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9276 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9266 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-9265 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9264 libwmf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9011 tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10272 tiff<4.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10269 tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10271 tiff<4.0.7nb8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10270 tiff<4.0.7nb9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10268 tiff<4.0.7nb10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10266 tiff<4.0.7nb11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10267 mupdf<1.11 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10132 mupdf<1.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10133 ettercap<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430 ettercap-NG<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430 tcpreplay<4.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6429 ffmpeg010-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5361 libevent<2.1.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10196 libevent<2.1.6 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10197 slurm>2.4.0pre4<15.08.13 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10030 calibre<2.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10187 zoneminder<1.30.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7203 mapserver<6.2.4 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5522 viewvc<1.1.26 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5938 capstone<3.0.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6952 ioquake3<1.36.20200125 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6903 wordpress<4.7.2 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1001000 php>=7.1<7.1.3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6441 ming<0.4.8 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7578 apache-tomcat>=6.0<6.0.48 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 apache-tomcat>=7.0<7.0.73 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 apache-tomcat>=8.0<8.0.39 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586 gst-plugins1-ugly<1.10.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5846 jbig2dec<0.14 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9601 samba<4.4.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2619 wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5596 wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5597 ruby21-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages erlang<18.3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10253 mysql-server>=5.5.0<5.5.54 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mysql-server>=5.6.0<5.6.35 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mysql-server>=5.7.0<5.7.17 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mariadb-server<5.5.55 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 libsamplerate<0.1.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7697 mantis<1.3.1nb2 remote-server-admin https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7615 jasper<2.0.12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9591 apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8127 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8665 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8683 tiff<4.0.7 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5875 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273 ImageMagick<7.0.4.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829 ImageMagick6<6.9.7.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829 ImageMagick<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7606 ImageMagick<7.0.5.2 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7619 libdwarf<20160923 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5041 libxml2<2.9.4nb3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5969 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8354 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8355 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8562 ImageMagick{6,}<6.9.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9837 qemu<2.5.1 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8504 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8568 qemu<2.5.1 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8613 qemu<2.5.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8666 qemu<2.9.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7377 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5322 libblkid<2.28.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5011 minicom<2.7.1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7467 adobe-flash-player<25.0.0.148 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-10.html radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7716 radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7854 radare2<1.4.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7946 bugzilla<5.0.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2803 wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7957 wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7958 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7700 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7702 wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7703 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7704 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7705 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7745 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7746 wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7747 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7748 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7592 tiff<4.0.7nb2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7593 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7594 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7595 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7596 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7597 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7598 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7599 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7600 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7601 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7602 botan>=1.11.0<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7824 botan>=1.11.6<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7825 botan>=1.11.0<1.11.22 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7826 botan>=1.11.12<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6878 botan>=1.11.0<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6879 squirrelmail<1.4.23pre14605nb1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7692 inspircd<2.0.7 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6674 inspircd<2.0.7 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6697 squashfs-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4646 a2ps<4.14nb10 format-string https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8107 rtmpdump-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8270 rtmpdump-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8271 rtmpdump-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8272 qemu<2.5.0 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8345 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8567 qemu<2.5.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8619 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8864 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4068 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10324 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10325 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10326 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7853 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7614 freetype2<2.7.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10328 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7857 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7858 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7864 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7859 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7862 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7863 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7865 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7866 ImageMagick{6,}<6.9.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9907 ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7515 ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7519 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7522 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7528 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7529 ImageMagick{6,}<6.9.3.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7531 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7533 ImageMagick{6,}<6.9.3.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7537 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943 apache-tomcat>=6.0<6.0.53 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=7.0<7.0.77 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=8.0<8.0.43 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=8.5<8.5.13 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.5<8.5.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.5<8.5.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5650 apache-tomcat>=8.5<8.5.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5651 feh<2.18.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7875 gnutls<3.5.10 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7869 ghostscript-agpl<9.22 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948 ghostscript-gpl-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948 ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602 ghostscript-gpl-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602 icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7867 icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7868 jbig2dec<0.13nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7885 jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7975 jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7976 keepassx<0.4.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8378 libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7960 libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7961 nettle<3.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6489 opencv<3.3.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1516 opencv<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1517 sudo<1.8.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7032 bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136 bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136 bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137 bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137 bind>=9.9.0<9.9.9pl8 denial-of-service https://kb.isc.org/article/AA-01467 bind>=9.10.0<9.10.4pl8 denial-of-service https://kb.isc.org/article/AA-01467 php{56,70,71}-gmp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7963 mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6337 qemu<2.8.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7718 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7982 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8957 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8958 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8959 ImageMagick{6,}<6.9.5.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5010 ImageMagick{6,}<6.8.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7513 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7514 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7516 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7517 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7518 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7520 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7521 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7525 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7526 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7527 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7530 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7532 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7534 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7535 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7536 ImageMagick{6,}<6.9.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7538 ImageMagick{6,}<6.9.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7540 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3729 moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3731 moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3732 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3733 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3734 mbedtls<1.3.19 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784 mbedtls>=2.2<2.4.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7994 podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8053 podofo-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8054 php55-bz2<5.5.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 php56-bz2<5.6.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 php70-bz2<7.0.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 chicken<4.12.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9954 weechat<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8073 graphite2<1.3.10 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/ nss<3.29.5 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/ sudo<1.8.12 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9680 pcre2<10.30 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8399 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765 boehm-gc<=7.4.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9427 wget<1.19.1nb1 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-6508 magento-[0-9]* multiple-vulnerabilities http://www.defensecode.com/advisories/DC-2017-04-003_Magento_Arbitrary_File_Upload.pdf apache-tomcat-[0-9]* directory-traversal http://www.defensecode.com/advisories/DC-2017-03-001_DefenseCode_ThunderScan_SAST_Apache_Tomcat_Security_Advisory.pdf php{56,70,71}-concrete5-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-7725 php{56,70,71}-concrete5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8082 firefox45<45.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/ mysql-server>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL openjdk8<1.8.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jdk8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jre8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8787 podofo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8378 podofo-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7994 podofo<0.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8054 podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8053 pcre2<10.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8786 qemu<2.10.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8112 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8086 qemu<2.9 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-8284 qemu<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7718 wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295 php{56,70,71}-ja-wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295 openssl>=1.1.0<1.1.0e denial-of-service https://www.openssl.org/news/secadv/20170216.txt openssl>=1.0.2<1.0.2k multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt openssl>=1.1.0<1.1.0d multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt openssl>=1.1.0<1.1.0c multiple-vulnerabilities https://www.openssl.org/news/secadv/20161110.txt rxvt<2.7.10nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7483 rzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8364 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 libsndfile<1.0.28nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363 suse{,32}_libsndfile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365 suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 libsndfile<1.0.28nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363 suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363 ettercap-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366 ettercap-NG-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6519 libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10349 libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10350 Radicale<1.1.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8342 php{56,70,71}-roundcube<1.2.5 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-8114 dpkg<1.18.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8283 udfclient<0.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8305 libressl>=2.5.1<2.5.4 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2017-8301 freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8105 webmin<1.830 arbitrary-script-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2106 lshell-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2016-6903 freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8287 lame<3.100 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8419 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 ghostscript-agpl<9.23 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291 ghostscript-gpl-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8372 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8373 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8374 firefox52<52.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/ apache-tomcat>=7.0<7.0.77 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=8.0<8.0.43 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=8.5<8.5.13 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=7.0<7.0.76 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 apache-tomcat>=8.5<8.5.12 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 salt<2016.11.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8109 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8845 suse{,32}_base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8804 libetpan<1.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8825 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830 lrzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8844 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-8846 lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8847 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8842 lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8843 libxslt<1.1.29nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-5029 kpathsea<6.2.2nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-10243 xenkernel42-[0-9]* information-disclosure http://www.openwall.com/lists/oss-security/2017/03/05/1 libytnef<1.9.2 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3846 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0890 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-nextcloud<11.0.3 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2017-0892 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0893 php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0894 php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0895 lxterminal<0.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10369 git-base<2.12.3 security-restrictions-bypass https://www.debian.org/security/2017/dsa-3848 miniupnpc<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8798 libxml2<2.9.8nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8872 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html tnef<1.4.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8911 ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908 pcmanfm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8934 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7489 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7490 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7491 bitlbee<3.5.1 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3853 yara<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8929 php>=7<7.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923 php>=8.0<8.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923 flightgear<2017.2.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-8921 postgresql92-server<9.2.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql93-server<9.3.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql94-server<9.4.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql95-server<9.5.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql96-server<9.6.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ libreoffice<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice5-bin<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 libreoffice5-bin<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 php{56,70,71}-owncloud>=9.0<9.058 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-owncloud>=9.1<9.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9061 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9062 php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9063 php{56,70,71}-wordpress<4.7.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9064 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9065 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9066 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9047 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9048 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9049 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9050 openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7478 openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7479 cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7475 p5-Perl-Tidy-[0-9]* symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10374 kdelibs4<4.14.32 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422 kauth<5.34 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9110 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9111 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9112 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9113 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9114 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9115 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9116 libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6886 libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6887 samba4<4.6.4 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494 samba<3.6.25nb6 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494 go>1.6<1.8.2 weak-cryptography https://golang.org/issue/20040 pgbouncer<1.5.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4054 pgbouncer<1.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6817 php{56,70,71}-roundcube<1.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5381 php{56,70,71}-roundcube<1.1.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5382 php{56,70,71}-roundcube<1.1.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5383 ruby{18,193,200,21,22,23}-redmine<2.6.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8477 ghostscript-agpl<9.21 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977 ghostscript-gpl-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977 ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978 ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978 ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979 ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9840 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9841 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9842 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9843 libtasn1<4.11 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6891 mantis<1.3.11 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 mantis>=2.0<2.3.3 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 mantis>=2.4<2.4.1 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8309 qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8379 libytnef-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9146 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9151 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9152 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9153 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9154 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9155 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9156 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9157 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9158 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9159 autotrace-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9160 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9161 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9162 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9163 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9164 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9165 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9166 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9167 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9168 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9169 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9170 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9171 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9172 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9173 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9174 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9175 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9176 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9177 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9178 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9179 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9180 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9181 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9182 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9183 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9184 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9185 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9186 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9187 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9188 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9189 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9190 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9191 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9192 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9193 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9194 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9195 autotrace-[0-9]* negative-size-param https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9196 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9197 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9198 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9199 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9200 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9208 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9209 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9210 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8310 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8311 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8312 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313 kodi<17.2 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313 botan>=2.0<2.1.0 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801 botan<1.10.6 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801 jbig2dec<0.13nb1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9216 oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9224 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9225 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9226 oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9227 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9228 oniguruma<6.8.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9229 tiff<4.0.8nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9147 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit-gtk<2.16.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html yodl<3.07.01 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10375 ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141 ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141 ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142 ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142 ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143 ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143 ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144 ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144 exiv2<0.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9239 picocom<2.0 command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9059 gajim<0.16.8 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10376 GraphicsMagick<1.3.24 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098 ImageMagick>=7.0<7.0.5.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098 snort-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6658 qemu<2.10.0 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7493 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9038 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9039 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9040 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9041 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9042 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9043 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9044 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9052 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9053 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9054 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9055 dropbear<2017.75 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9078 dropbear<2017.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9079 libytnef<1.9.3 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9058 asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html asterisk>=13.0<13.15.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html asterisk>=14.0<14.4.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html sudo>=1.8.6p7<1.8.20 privilege-escalation https://www.sudo.ws/alerts/linux_tty.html p5-File-Path<2.13 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS perl<5.26.0nb1 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9304 irssi<1.0.3 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468 irssi<1.0.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469 git-base<2.12.3 remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386 libquicktime-[0-9]* infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9122 libquicktime-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9123 libquicktime-[0-9]* null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9124 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9125 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9126 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9128 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499 ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500 poppler-utils<0.56.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511 poppler-utils<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7515 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9083 poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9406 poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9408 samba<4.4.10 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461 samba>=4.5<4.5.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461 expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9063 expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9233 php{56,70,71}-contao43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9334 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8782 vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9300 vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9301 freeradius<3.0.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9148 php>=7<7.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119 php>=7.4<7.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119 wireshark<2.2.7 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-30.html ansible<1.9.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-6240 libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9474 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9473 libytnef-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9472 libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9471 libytnef<1.9.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9470 py{27,34,35,36}-mercurial<4.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9462 yara<3.6.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9465 yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9438 yara<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9465 kodi<17.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8314 php{56,70,71}-piwigo<2.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9452 apache-tomcat>=7.0<7.0.78 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 apache-tomcat>=8.0<8.0.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 apache-tomcat>=8.5<8.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 yodl<3.07.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10375 openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7508 openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7520 openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7521 openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7522 openldap<2.4.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9287 libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6892 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9782 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9130 poppler<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9865 lame<3.100nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9099 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9100 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9101 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9869 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9870 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9871 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9872 unrar<5.5.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-6706 ntopng<3.0 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7459 ntopng<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7416 libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9831 libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9832 gnutls<3.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7507 libgcrypt<1.7.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9526 gnuplot<5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9670 libstaroffice<0.0.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9432 php{56,70,71}-piwigo<2.9.1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-9464 php{56,70,71}-piwigo<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9463 php{56,70,71}-piwigo-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9837 php{56,70,71}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9836 libthrift<0.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3254 samba<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9461 libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8871 libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8834 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9928 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9929 rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4965 rabbitmq<3.6.9 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2017-4966 rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4967 jetty<9.4.6.20170531 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9735 exim<4.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000369 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9520 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9761 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9762 ansible<1.6.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3498 ansible<1.9.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-6240 libmwaw<0.3.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9433 h2o<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7835 cryptopp<5.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9434 dnstracer<1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9430 kdepim4<5.5.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9604 apache>=2.2.0<2.2.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167 apache>=2.4.1<2.4.26 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167 apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169 apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169 apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668 apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668 apache>=2.2.0<2.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679 apache>=2.4.1<2.4.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679 thunderbird<52.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/ firefox<54.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/ firefox52<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/ thunderbird<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/ py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220 adobe-flash-player<26.0.0.126 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-17.html rar-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-9983 bind>=9.9.0<9.9.10pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140 bind>=9.10.0<9.10.5pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140 php{56,70,71}-tiki6<17.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9305 tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9403 tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9815 tiff<4.0.9nb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9935 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9936 jbigkit<2.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9937 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10688 libdwarf<20160115 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-8538 libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9998 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9218 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9219 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9220 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9221 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9222 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9223 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9253 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9254 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9255 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9256 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9257 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10678 php{56,70,71}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10679 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10680 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10681 php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10682 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9988 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9989 tor<0.3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-0375 tor<0.3.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0377 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10791 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10792 p5-DBD-mysql-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10788 p5-DBD-mysql-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-10789 qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9310 qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9330 php>=5.6<5.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473 php>=7.0<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473 wireshark<2.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9616 wireshark<2.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9766 ruby{22,23}-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096 ruby24<2.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096 ruby{22,23,24}-mail{,25}<2.5.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9097 binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9742 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9954 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9955 gdb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9778 ntopng<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7458 radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9949 radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9763 ocaml>=4.04<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9772 horde-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9773 horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9774 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9953 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9982 stalin-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2015-8697 ffmpeg3<3.3.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9990 ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991 ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991 ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992 ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992 ffmpeg2<2.8.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993 ffmpeg3<3.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993 ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9995 ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996 p5-XML-LibXML<2.0131 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-10672 mpg123<1.25.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10683 ncurses<6.0nb4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684 ncurses<6.0nb4 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685 ncursesw<6.0nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684 ncursesw<6.0nb3 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-10686 libsass-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10687 vlc>=2.2<2.2.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-10699 mcollective<2.10.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2292 libtasn1<4.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-10790 GraphicsMagick<1.3.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10794 GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10799 GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10800 webmin<1.850 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9313 rt4<4.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6127 rt4<4.2.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5361 rt4<4.2.14 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-5943 rt4<4.2.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5944 contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html php{55,56,70,71}-contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html php{56,70,71}-contao44<4.4.1 file-inclusion https://contao.org/en/news/contao-3_5_28.html evince<3.22.1nb6 command-injection https://bugzilla.gnome.org/show_bug.cgi?id=784630 jabberd<2.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5664 xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel46<4.6.6 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel48<4.8.2 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel45-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel46<4.6.6 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel48<4.8.2 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel45-[0-9]* information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel46<4.6.6 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel48<4.8.2 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220 radare2<1.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10929 ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928 ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141 ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995 ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995 ImageMagick<7.0.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170 modular-xorg-server<1.19.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10971 modular-xorg-server<1.19.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10972 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9524 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9129 #pcre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11164 # disputed https://lists.exim.org/lurker/message/20200803.110207.8e4981db.en.html php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11143 php>=5.6<5.6.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=7.0<7.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=7.1<7.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=5.6<5.6.28 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397 php>=7.0<7.0.13 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11140 GraphicsMagick<1.3.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11139 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11102 mpg123<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11126 ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113 ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112 ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113 ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112 tcpdump<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11108 nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11111 vim<8.0.0704 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11109 phpldapadmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11107 knot<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11104 catdoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11110 sqlite3<3.20.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10989 libcares<1.13.0 out-of-bounds-read https://c-ares.haxx.se/adv_20170620.html irssi<1.0.4 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_07.txt poppler<0.56 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2818 poppler<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2814 gnome-session<2.29.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11171 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478 ImageMagick<7.0.6.1 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556 ImageMagick6<6.9.9.0 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556 ImageMagick<7.0.7.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11540 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11554 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11555 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11556 tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11541 tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11542 tcpdump<4.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11543 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11553 # in stills2dv, not libjpeg-turbo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9614 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11550 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11551 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11332 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11358 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11359 libao-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11548 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11692 xz<5.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-4035 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11691 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000031 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000032 gsoap<2.8.48 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9765 nodejs<8.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11499 libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11333 vorbis-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11331 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11546 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11547 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11549 tinyproxy<1.10.0 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11747 tenshi-[0-9]* local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11746 nosefart-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11119 php{56,70,71}-owncloud>=9.0<9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8896 php{56,70,71}-owncloud>=9.1<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9338 memcached<1.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9951 jasper<2.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000050 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-8864 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11474 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11475 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11329 glpi<9.1.5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11183 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11184 librsvg<2.40.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11464 adobe-flash-player<26.0.0.131 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-21.html libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11423 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11590 jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000362 shotwell<0.25.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000024 libopenmpt<0.2.8461 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11311 xmlsec1<1.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000061 cairo<1.14.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9814 yara<3.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11328 phpmyadmin<4.6.6 denial-of-service https://www.phpmyadmin.net/security/PMASA-2017-3/ gtk-vnc<0.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000044 moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2642 moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7531 moodle<3.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7532 bind>=9.9.0<9.9.10pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142 bind>=9.10.0<9.10.5pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142 bind>=9.9.0<9.9.10pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143 bind>=9.10.0<9.10.5pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143 nginx<1.12.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529 nginx>=1.13<1.13.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529 teamspeak-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8290 heimdal<7.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11103 apache>=2.4.26<2.4.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-9789 apache<2.2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788 apache>=2.4<2.4.27 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788 apache-roller<5.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-0249 ruby{22,23,24}-mixlib-archive<0.4.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-1000026 epiphany<3.18.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000025 php{56,70,71}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000035 KeePass<1.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000066 libcares>=1.8.0<1.13.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000381 freeradius>=3.0<3.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978 freeradius<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11336 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11341 chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11343 php70-intl<7.0.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362 php71-intl<7.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399 go<1.7.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932 go>=1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932 ruby24>=2.4.1<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11465 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11434 php<5.6.31 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 php>=7.0<7.0.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 php>=7.1<7.1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 gcc48<4.8.5nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc49<4.9.4nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc5<5.4.0nb5 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc6<6.4.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9258 mpg123<1.25.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9545 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11720 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11719 rspamd<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11737 ntp<4.2.8p5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5300 links<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11114 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11613 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11643 ImageMagick6<6.9.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644 ImageMagick<7.0.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644 arts-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543 kdelibs3-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543 mantis<1.2.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5059 mantis<1.3.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062 libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11552 cacti<1.1.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12066 cacti<1.1.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12065 potrace-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12067 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11703 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11704 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11705 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11728 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11729 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11730 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11732 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11733 ImageMagick6>=6.9.9.4<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750 ImageMagick>=7.0.6.4<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11753 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140 libytnef<1.9.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12141 libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12143 libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12142 libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12144 libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12145 hplip<3.15.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-0839 jasper<1.900.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5203 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10664 qemu<2.10.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10806 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11334 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11731 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11734 php56-gd<5.6.31 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 php70-gd<7.0.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 php71-gd<7.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 ioquake3<1.36.20200125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11721 mysql-server<5.0.67 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4098 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11722 ImageMagick<7.0.6.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418 ImageMagick6<6.9.9.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418 ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714 varnish>=4.0.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 varnish>=4.1.0<4.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 varnish>=5.1.0<5.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427 ImageMagick6<6.9.9.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431 ImageMagick<7.0.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435 binutils<2.30 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12448 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12449 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12450 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12452 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12451 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12454 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12453 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12455 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12457 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12458 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12456 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12459 ledger<3.1.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12481 ledger<3.1.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12482 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665 mantis-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12419 libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12562 ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565 ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587 rsyslog<8.28.0 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-12588 openexr<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12596 opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12598 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12597 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12600 opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12599 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12602 opencv<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12601 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12603 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12604 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12605 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12606 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6419 clamav<0.99.3nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6418 clamav<0.99.3nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-6420 samba>=4.0.0<4.5.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2126 ImageMagick6<6.9.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640 ImageMagick<7.0.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644 ghostscript-agpl<9.23 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835 ghostscript-gpl-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835 mysql-client>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL mysql-server>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL mysql-client>=5.7<5.7.19 unauthorized-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3651 mysql-server>=5.7<5.7.19 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL openjdk8<1.8.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jdk8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jre8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA ipsec-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10396 firefox<68.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt cliqz<1.28.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt seamonkey<2.48 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/ fontforge<20170730 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11576 freerdp-[0-9]* multiple-vulnerabilities http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12654 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12662 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12663 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12664 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12665 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12666 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12667 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12668 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12669 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12670 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12671 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12672 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12673 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12674 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12675 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12676 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12967 binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12799 firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-19/ pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12958 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12959 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12960 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12961 libsass<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12962 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12963 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12964 unrar<5.5.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-12938 unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12940 unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12941 unrar<5.5.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12942 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12955 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12956 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12957 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11683 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12935 GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12936 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12937 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11661 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11662 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11663 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11664 adobe-flash-player<26.0.0.151 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-23.html librest07<0.7.93 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675 librest-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12944 py{27,34,35,36}-attic<0.15 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2015-4082 augeas<1.8.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7555 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12927 postgresql94-server<9.4.13 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ postgresql95-server<9.5.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ postgresql96-server<9.6.4 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ apache>=2.4<2.4.26 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7659 php{56,70,71}-owncloud<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9339 php{56,70,71}-owncloud<10.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9340 apache-tomcat>=8.5<8.5.16 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675 apache-tomcat>=7.0<7.0.79 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=7.0<7.0.74 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.0<8.0.40 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.5<8.5.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.5<8.5.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6817 apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6794 apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744 apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12863 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12864 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12862 xenkernel45-[0-9]* multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html xenkernel46<4.6.6nb1 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html xenkernel48<4.8.2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html py{27,33,34,35}-numpy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12852 mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9410 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9411 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9412 lame<3.100 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9412 taglib<1.11.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12678 subversion-base<1.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9800 curl>=7.34.0<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809A.html curl>=7.15.0<7.55.0 information-disclosure https://curl.haxx.se/docs/adv_20170809B.html curl>=7.54.1<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809C.html soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9259 soundtouch<1.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9260 mit-krb5<1.14.5nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11368 libgcrypt<1.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-7526 libsoup<2.58.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2885 py{27,34,35,36}-mercurial<4.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000115 py{27,34,35,36}-mercurial<4.3.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000116 cvs<1.12.13nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-12836 patch<2.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9637 salt<2014.7.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4017 patch<2.7.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1395 py{27,33,34,35}-kerberos-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-3206 tidy<5.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13692 php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934 php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934 php>=5.6<5.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.0<7.0.22 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932 php>=7.1<7.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932 gnutls<3.4.13 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12932 ntp<4.2.8p2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-3405 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0143 python27<2.7.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 python34<3.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 python35<3.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 py{27,33,34,35}-simplejson<3.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 apache-tomcat>=7.0<7.0.78 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.0<8.0.44 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7675 x265-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13666 ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658 ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel46<4.6.6nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel48<4.8.2 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html py{27,33,34,35}-JWT<1.5.1 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2017-11424 nagios-base<4.3.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12847 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13648 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13710 flightgear<2017.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-13709 qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12595 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13147 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13063 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13064 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13065 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13066 ImageMagick6<6.9.9.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983 ImageMagick<7.0.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13131 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13132 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13133 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13134 ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141 ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142 ImageMagick6<6.9.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick<7.0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick6<6.9.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145 ImageMagick<7.0.5.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146 newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12904 libzip<1.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-12858 salt<2017.7.1 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-12791 salt<2015.8.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6941 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12809 py27-supervisor<3.3.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11610 dnsdist<1.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7557 ha-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1198 ppmd-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1199 wpa_supplicant<2.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-0210 xymon<4.3.18 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1430 unshield<1.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1386 bash<4.3.047 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0634 mantis<1.2.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2046 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8380 openjpeg<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12982 cacti<1.1.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12978 ruby22-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 ruby23-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 ruby24-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0142 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0145 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0146 asn1c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12966 kpathsea<6.0.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5700 kpathsea<6.2.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5701 kgb-bot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1554 php{56,70,71}-basercms<3.0.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10842 libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12919 lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13712 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13716 openssl<1.0.2knb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735 openssl>=1.1.0<1.1.0g out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735 heimdal<7.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-6594 mpg123<1.25.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12797 sqlite3<3.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13685 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13726 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13727 ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13728 libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13735 jasper<2.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13745 mpg123<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9497 libgcrypt<1.8.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-0379 sleuthkit<4.1.3nb6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13755 openjpeg<2.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10504 wireshark<2.4.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13764 ffmpeg010<0.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2805 mbedtls<1.3.21 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032 mbedtls>=2<2.1.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14054 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14059 ffmpeg2<2.8.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169 ffmpeg3<3.3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171 libidn2<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14061 ruby22-base<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 ruby23-base<2.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 ruby24-base<2.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 pngcrush<1.7.87 double-free https://nvd.nist.gov/vuln/detail/CVE-2015-7700 qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13672 libzip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14107 ImageMagick6<6.9.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691 emacs24-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483 emacs24-nox11-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483 asterisk>=13.0<13.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098 asterisk>=14.0<14.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098 asterisk>=11.0<11.25.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=13.0<13.17.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=14.0<14.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=11.0<11.25.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 asterisk>=13.0<13.17.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 asterisk>=14.0<14.6.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 ffmpeg1<1.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-0870 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14132 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14136 evince<3.22.1nb6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000083 gedit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14108 py{27,34,35,36}-scrapy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14158 ledger<3.1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2807 ledger<3.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-2808 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14165 libarchive<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14166 ruby19<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6438 py{27,34,35,36}-django>=1.10<1.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794 py{27,34,35,36}-django>=1.11<1.11.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794 mp3gain-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-12911 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12912 gd<2.2.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-6362 ocaml<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9779 php{56,70,71}-concrete5<5.7.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2015-4724 php{56,70,71}-concrete5<5.7.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4721 ntp<4.2.8p3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5146 qt5-qtwebkit<5.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8079 libwpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14226 #jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14229 Disputed, see https://github.com/jasper-maint/jasper/issues/20#issuecomment-648920879 libbson-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227 nasm<2.13.02 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14228 cyrus-imapd<3.0.4 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14230 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14248 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14265 file<5.32 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-1000249 GraphicsMagick<1.3.27 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14314 perl<5.26.0nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12837 git-base<2.14.1 command-injection https://github.com/git/git/blob/master/Documentation/RelNotes/2.14.1.txt mariadb-server<5.5.57 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9634 jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9635 mantis<1.2.19 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-9624 tcpreplay<4.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14266 xenkernel42-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel45-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel46<4.6.6nb1 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel48<4.8.3 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xentools42-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html xentools45-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html xentools46<4.6.6nb1 double-free http://xenbits.xen.org/xsa/advisory-233.html xentools48<4.8.3 double-free http://xenbits.xen.org/xsa/advisory-233.html xenkernel42-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel45-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel46<4.6.6nb1 null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel48<4.8.3 null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel42-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel45-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel46<4.6.6nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel48<4.8.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel45<4.5.5nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel48<4.8.1 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14324 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14342 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400 ImageMagick<7.0.6.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14248 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick<7.0.7.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505 ImageMagick6<6.9.9.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505 ImageMagick6<6.9.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528 ImageMagick<7.0.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224 ImageMagick<7.0.7.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607 ImageMagick6<6.9.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626 horde>=2.0.0<2.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14650 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684 ImageMagick<7.0.7.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682 ImageMagick6<6.9.9.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682 binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-aarch64-none-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-arm-none-eabi-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 avr-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 binutils-mips<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-freemint-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-h8300-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-h8300-hms-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 nios2-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-aarch64-none-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-arm-none-eabi-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 avr-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 binutils-mips<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-freemint-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-h8300-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-h8300-hms-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 nios2-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-pdp11-aout-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 mingw-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 weechat<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14727 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724 wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722 php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722 wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725 php{56,70,71}-ja-wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718 wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723 php{56,70,71}-ja-wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720 wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719 php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719 magento-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-9758 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14685 mupdf<1.11nb5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14686 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14687 bladeenc-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14648 libexif<0.6.21nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7544 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14504 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14649 openjpeg<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14164 libraw<0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14348 libraw<0.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14608 mp3gain-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14406 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14407 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14408 mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14409 mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14410 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14411 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14412 php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2749 php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2750 mit-krb5<1.14.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11462 ruby22-base<2.2.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby23-base<2.3.5 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby24-base<2.4.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby22-base<2.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby23-base<2.3.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby24-base<2.4.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby22-base<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby23-base<2.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby24-base<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby22-base<2.2.8 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby23-base<2.3.5 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby24-base<2.4.2 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby22-base<2.2.8 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 ruby23-base<2.3.5 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 ruby24-base<2.4.2 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 libofx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816 libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816 tcpdump<4.9.2 multiple-vulnerabilities http://www.tcpdump.org/tcpdump-changes.txt botan>=2.0<2.3.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737 botan<1.10.17 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741 ImageMagick<7.0.7.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739 ImageMagick6-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739 ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222 ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223 ffmpeg3<3.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14225 emacs21<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs22-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs23-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs24-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs25<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs21-nox11<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs22-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs23-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs24-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs25-nox11<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 libbpg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14734 newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14500 moodle<3.3.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12157 moodle<3.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12156 libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14501 libarchive<3.3.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14502 libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14503 poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14518 poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14517 poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14520 poppler<0.61.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14519 tor>=0.3.0<0.3.0.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380 tor>=0.3.1<0.3.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380 apache<2.2.34nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798 apache>=2.4<2.4.27nb2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798 apache-tomcat>=7.0<7.0.81 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12616 gdk-pixbuf2<2.36.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2862 qemu<2.11.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14167 dovecot>=2<2.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3420 mongodb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227 nagios-base-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14312 perl<5.26.0nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12883 py{27,34,35,36}-ipython<3.2.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607 py{27,34,35,36}-ipython<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4707 py{27,34,35,36}-ipython>=3.0<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4706 nautilus<3.23.90 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-14604 libpgf<6.15.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2015-6673 SOGo<3.1.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5395 kannel-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-14609 ruby{22,23,24}-chef-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8559 libvorbis<1.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14633 libvorbis<1.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14632 libvorbis<1.3.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14160 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14634 libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14245 libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14246 samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12150.html samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12151.html samba<4.6.8 information-leak https://www.samba.org/samba/security/CVE-2017-12163.html binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14745 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14930 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14932 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14933 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14934 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14938 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14939 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14940 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14617 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14927 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14928 poppler<0.60.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14929 php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14924 php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14925 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14857 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14858 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14859 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14860 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14861 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14862 exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14863 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14864 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14865 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14866 git-base<2.14.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14867 percona-toolkit<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-2029 libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14731 nodejs<8.6.0 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2017-14849 libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14795 libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14796 salt<2016.11.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5200 salt<2016.11.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14767 kdepim<4.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-8878 tcpdump<4.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3138 freexl<1.0.4 arbitrary-code-execution https://www.debian.org/security/2017/dsa-3976 protobuf<3.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5237 openvpn<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12166 dnsmasq<2.78 multiple-vulnerabilities https://www.kb.cert.org/vuls/id/973527 pngcrush<1.7.84 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2158 modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723 salt<2017.7.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192 ruby{18,20,21,22,23}-http<0.7.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-1828 py{27,34,35,36}-ipython<4.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607 wpa_supplicant<2.6nb1 weak-cryptography http://seclists.org/oss-sec/2017/q4/83 coreutils<8.13 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2015-1865 libbfd-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14729 wesnoth<1.12.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5069 ImageMagick<7.0.7.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989 ImageMagick6<6.9.9.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989 apache-tomcat>=7.0<7.0.82 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 apache-tomcat>=8.0<8.0.47 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 apache-tomcat>=8.5<8.5.23 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14994 git-base<2.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000117 lame<3.100 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15018 go<1.8.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041 go>=1.9<1.9.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041 redis<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15047 libofx<0.9.12 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-2920 curl>=7.7<7.56.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000254 openexif-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14931 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15056 libmp3splt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15185 apache-roller<5.0.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-0030 mpfr<3.1.2pl11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-9474 asterisk>=11.0<11.25.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 asterisk>=13.0<13.17.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 asterisk>=14.0<14.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 qemu<2.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15038 zookeeper<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5637 wesnoth<1.12.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5070 salt<2015.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-6918 nodejs<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-7384 sudo<1.8.7 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-8239 magento<1.9.2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8707 php{56,70,71}-piwigo<2.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10513 php{56,70,71}-piwigo<2.8.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10514 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15190 wireshark>=2.0.0<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.4.0<2.4.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15189 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192 cacti<1.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15194 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15225 libjpeg-turbo<1.5.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15232 GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15238 libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720 libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720 libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722 libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15020 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15021 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15022 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15023 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15024 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15025 libextractor<1.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-15266 libextractor<1.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15267 dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14492 dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14493 ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15032 SDL2_image<2.0.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887 SDL_image-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887 SDL2<2.0.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2888 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14997 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015 lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15019 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017 lame<3.100 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15045 lame<3.100 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15046 ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15033 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15268 ImageMagick6<6.9.9.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277 ImageMagick<7.0.6.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277 ImageMagick<7.0.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281 sqlite3<3.21.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15286 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13704 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14491 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14495 dnsmasq<2.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14494 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14496 wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-14990 git-base<2.14.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15298 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15368 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15369 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15370 sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15372 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15371 icu<59.1nb3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14952 thunderbird<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-20/ firefox52<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ thunderbird<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/ irssi<1.0.5 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_10.txt wget<1.19.1nb2 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13089 wget<1.19.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13090 mupdf<1.11nb5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15587 opensmtpd<5.7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-7687 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15385 qemu<2.11.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-15289 p5-Perl-Tidy<20120714 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-2277 mediawiki>=1.24.0<1.24.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.23.0<1.23.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.22.0<1.22.15 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.19.0<1.19.23 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 ruby{22,23,24}-redmine<3.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10515 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573 ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576 ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574 ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575 rsync<3.1.2nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16548 graphicsmagick-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16352 graphicsmagick-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16353 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16545 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16547 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15930 ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546 ImageMagick6<6.9.9.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546 modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721 tor-browser<7.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16541 ruby{22,23,24}-yajl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/vulnId=CVE-2017-16516 openssl<1.0.2m sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736 openssl>=1.1.0<1.1.0g sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736 wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 php{56,70,71}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/view/vuln/detail/CVE-2017-16510 webkit-gtk<2.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000121 webkit-gtk<2.16.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000122 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16359 radare2<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16358 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16357 radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15931 radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15932 slurm>=2.4.0pre4<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 go<1.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042 go>=1.9<1.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042 webmin<1.860 multiple-vulnerabilities https://blogs.securiteam.com/index.php/archives/3430 p5-Catalyst-Plugin-Static-Simple<0.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16248 mongodb<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15535 curl<7.56.1 buffer-overrun https://curl.haxx.se/docs/adv_20171023.html libvirt<3.9.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000256 nodejs<4.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 nodejs>=6<6.11.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 nodejs>=8<8.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 xenkernel42-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel45-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel46-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel48<4.8.3 memory-corruption http://xenbits.xen.org/xsa/advisory-236.html qemu<2.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2015-7549 quagga<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16227 py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838 xerces-j-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0881 py{27,33,34,35,36}-dulwich<0.18.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16228 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15996 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15938 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15939 rsync>3.1.2<3.1.2nb1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15994 bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15953 bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15954 bchunk<1.2.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15955 apollo<1.7.1 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2014-3579 libextractor<1.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15922 glusterfs<3.10 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15096 openssh<7.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15906 redis<3.2.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10517 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15186 salt<2017.7.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14695 salt<2017.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14696 apr<1.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12613 apr-util<1.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12618 py{27,33,34,35,36}-werkzeug<0.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10516 adobe-flash-player<26.0.0.170 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsb17-32.html sox-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15642 wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2012-6707 mysql-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.6<5.6.38 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.7<5.7.20 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mariadb-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mysql-client>=5.6<5.6.38 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mysql-client>=5.7<5.7.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mariadb-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 py{27,33,34,35,36}-mistune<0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15612 oracle-{jdk,jre}8<8.0.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA libextractor<1.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15600 libextractor<1.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15601 libextractor<1.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15602 xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel46<4.6.6nb1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel48<4.8.3 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel42-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel46<4.6.6nb1 memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel48<4.8.3 memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15565 webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html webkit-gtk<2.18.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html go<1.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000098 go<1.7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-1000097 qemu<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7504 postgresql94-server<9.4.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql95-server<9.5.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql96-server<9.6.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql10-server<10.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ php{56,70,71}-roundcube<1.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=5.6<5.6.32 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=7.0<7.0.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=7.1<7.1.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16641 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16660 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16661 libpcap<1.2.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-1935 ffmpeg3<3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15672 openjpeg<2.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239 openjpeg15-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239 php{56,70,71,72}-drupal<7.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-7943 py{27,34,35,36}-sanic<0.5.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-16762 openssl<1.0.2h denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-8610 ruby{22,23,24}-redmine<3.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804 ruby{22,23,24}-redmine>=3.3.0<3.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804 tcpdump<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16808 couchdb<1.7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635 couchdb>2.0<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635 couchdb<1.7.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636 couchdb>2.0<2.1.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636 collectd-snmp<5.6.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-16820 cacti<1.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4000 scala<2.10.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 scala>2.11<2.11.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 scala>2.12<2.12.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 konversation<1.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15923 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16826 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16827 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16828 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16829 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16830 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16831 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16832 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki<1.27.4 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki>1.28<1.28.3 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki>1.29<1.29.2 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki<1.27.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki>1.28<1.28.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki>1.29<1.29.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 libbpg-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13135 libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13136 libbpg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14034 procmail<3.22nb5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16844 opensaml<2.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16853 varnish<4.1.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8807 python27<2.7.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 python34<3.4.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 python35<3.5.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 optipng-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000229 ldns<1.6.17nb5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000231 ldns<1.6.17nb6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000232 trafficserver>5.1<5.1.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3624 root<6.9.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000203 lynx<2.8.8.2nb9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000211 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000126 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000127 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000128 qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16845 subversion>1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4246 trafficserver>5.3<5.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3249 ming-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-16883 icinga-base-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-16882 bftpd<4.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-16892 php{56,70,71,72}-concrete5<5.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5107 php{56,70,71,72}-concrete5<5.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-5108 php{56,70,71,72}-tt-rss-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16896 moodle<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15110 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16898 fig2dev<3.2.6anb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16899 webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html webkit-gtk<2.18.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html exim<4.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16944 exim<4.90 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-16943 libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942 optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16938 libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16932 libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16931 cacti<1.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10700 mit-krb5<1.16.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15088 rpm<4.13.0.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7501 ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16879 slurm>=2.4.0pre4<16.05.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 slurm>=17<17.02.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 slurm>=17.11<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263 php{56,70,71,72}-ja-wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263 wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 php{56,70,71,72}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 firefox52<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/ firefox<57.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/ thunderbird<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/ ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16840 ansible>=2.3<2.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550 ansible>=2.4<2.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550 asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=13.0<13.18.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html asterisk>=14.0<14.7.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html asterisk>=15.0<15.1.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html evince<3.25.91 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159 vim<8.0.1345 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000382 bzr<2.6.0nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14176 emacs20-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs21-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs21-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs25-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs25-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 mrxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages rxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages webkit24-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{34,35,36}-borgbackup>=1.1.0<1.1.3 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2017-15914 wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1 php{56,70,71,72}-ja-wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1 tiff<4.0.9nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17095 asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html vim<8.0.1263 insecure-temporary-files https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17087 wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16893 libXcursor<1.1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612 libXfont<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611 libXfont2<2.0.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611 adobe-flash-player<27.0.0.130 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-28.html binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17080 php>=5.6<5.6.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 php>=7.0<7.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 php>=7.1<7.1.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 curl>=7.56.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-af0a.html curl>=7.21.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-ae72.html curl>=7.36.0<7.57.0 buffer-overflow https://curl.haxx.se/docs/adv_2017-12e7.html radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16805 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html ruby{22,23,24,25,26}-yard<0.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-17042 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16669 kmplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16952 cacti<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16785 samba<4.6.11 information-leak https://www.samba.org/samba/security/CVE-2017-15275.html samba>4<4.6.11 use-after-free https://www.samba.org/samba/security/CVE-2017-14746.html rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17433 rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17434 openssl<1.0.2n multiple-vulnerabilities https://www.openssl.org/news/secadv/20171207.txt openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17479 openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17480 libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17456 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17457 libextractor<1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17440 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16883 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16898 fossil<2.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17459 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11695 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11696 nss<3.49 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-11697 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11698 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914 ImageMagick<7.0.7.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882 ImageMagick<7.0.7.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879 ImageMagick6<6.9.9.28 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881 ImageMagick<7.0.7.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504 ImageMagick6<6.9.9.24 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504 ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682 ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682 ImageMagick<7.0.7.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681 ImageMagick6<6.9.9.24 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680 ImageMagick6<6.9.9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499 ImageMagick<7.0.7.12 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499 ffmpeg3<3.2.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608 ffmpeg3>=3.3<3.3.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608 ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081 ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081 aubio<0.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17555 h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10908 h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10869 h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10872 h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10868 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17503 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17782 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17783 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17502 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17500 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17501 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17498 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17913 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17912 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17915 icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17484 seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848 seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845 seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846 seamonkey-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843 seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847 seamonkey-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847 thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848 seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845 seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846 thunderbird-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843 thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847 thunderbird-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847 php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17774 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17775 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17823 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17822 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17824 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17825 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17826 php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17827 ruby{22,23,24}-puppet<3.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-3250 ruby{22,23,24}-puppet<1.6.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2016-5713 adobe-flash-player<27.0.0.187 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-33.html nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17817 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17819 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17820 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17816 nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17818 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17814 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17815 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17810 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17813 nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17811 nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17812 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17508 hdf5<1.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17509 hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17506 hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17507 hdf5<1.10.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17505 phabricator<20171110 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17536 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17784 gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17785 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17786 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17787 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17788 gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17789 nodejs>=8<8.9.3 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897 nodejs>=9<9.2.1 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897 xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-251.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17121 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17122 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17123 binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17124 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17125 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17126 asterisk>=13.0<13.18.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=14.0<14.7.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=15.0<15.1.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=13.0<13.18.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html asterisk>=14.0<14.7.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html asterisk>=15.0<15.1.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html wireshark<2.2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2017-17935 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083 tidy<5.6.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17497 jenkins-[0-9]* cross-site-scripting https://jenkins.io/security/advisory/2017-12-05/ openafs<1.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17432 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17523 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17381 py{27,34,35,36}-mercurial<4.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17458 ruby{22,23,24}-net-ldap<0.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-17718 ruby24-base<2.4.3 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2017-17790 ruby24-base<2.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby23-base<2.3.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby22-base<2.2.9 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby23-base<2.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903 ruby22-base<2.2.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903 abiword-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17529 aubio<0.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17554 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17054 tiff<4.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17942 tkabber-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17533 geomview-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17530 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17669 libXcursor<1.1.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612 sylpheed-[0-9]* command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17517 fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17521 global<6.6.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17531 ocaml-batteries-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17519 swi-prolog-lite-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17524 scummvm<2.2.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17528 py{27,34,35,36}-kiwi-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532 ruby{22,23,24}-nexpose-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532 vlc<3.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-17670 most-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1253 tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8819 tor>=0.3.1<0.3.1.9 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8820 tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8821 tor>=0.3.1<0.3.1.9 weak-anonymity https://nvd.nist.gov/vuln/detail/CVE-2017-8822 heimdal<7.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17439 php{56,70,71,72}-contao35<3.5.31 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558 php{56,70,71,72}-contao44<4.4.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17997 webmin<1.870 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17089 tiff<4.0.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17973 graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17782 graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17783 apache-2.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18005 magento<2.1.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2016-10704 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880 opencv<3.4.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17760 py{27,33,34,35,36}-mistune<0.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16876 nodejs>=8<8.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897 nodejs>=9<9.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897 mupdf<1.12.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17866 irssi<1.0.6 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2018_01.txt syncthing<0.14.34 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-1000420 phpmyadmin<4.7.7 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000499 gifsicle<1.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000421 awstats-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000501 ImageMagick<7.0.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758 ImageMagick6<6.9.9.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769 libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16909 libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16910 poppler-utils<0.57.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9775 poppler-utils<0.57.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9776 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14975 poppler<0.60.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14976 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14977 tex-context<2024 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 tex-lualibs<2.61 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17920 ImageMagick<7.0.7.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18008 opencv<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18009 tiff<4.0.9nb5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18013 libwildmidi<0.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000418 ImageMagick<7.0.7.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445 ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445 poppler<0.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000456 gdk-pixbuf2<2.36.11 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000422 miniupnpd<2.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000494 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-4868 ffmpeg3<3.2.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000460 poco<1.8.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000472 coreutils<8.29 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2017-18018 erlang<18.3.4.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 erlang>=19<19.3.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 erlang>=20<20.1.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 xenkernel410-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5244 openldap-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17740 ImageMagick<7.0.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247 ImageMagick6<6.9.9.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5251 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5296 py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1858 py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1859 p5-Clipboard-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2014-5509 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7221 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7222 mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2318 mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2319 mono<3.12.1 ssl-downgrade https://nvd.nist.gov/vuln/detail/CVE-2015-2320 adobe-flash-player<28.0.0.126 data-manipulation https://helpx.adobe.com/security/products/flash-player/apsb17-42.html magento<2.0.10 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-5301 ffmpeg2<2.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-1208 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5308 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5309 ruby{22,23,24,25}-puppet>=3.7<3.8.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4100 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15124 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17916 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17917 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17919 ruby{22,23,24,25}-redmine<3.2.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 ruby{22,23,24,25}-redmine>=3.3<3.3.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 ruby{22,23,24,25}-redmine>=3.4<3.4.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 adobe-flash-player<28.0.0.137 out-of-bounds-read https://helpx.adobe.com/security/products/flash-player/apsb18-01.html thunderbird-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844 seamonkey-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336 cups<1.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-8166 qemu<1.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-3471 ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357 ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358 ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476 ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029 lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5650 xmltooling<1.6.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0486 GraphicsMagick<1.3.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5685 mupdf<1.13.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5686 tiff<4.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-5360 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5692 webkit-gtk<2.18.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0001.html libxml2<2.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15412 mysql-client>=5.6<5.6.39 denial-of-service http://seclists.org/oss-sec/2018/q1/59 mysql-client>=5.7<5.7.21 denial-of-service http://seclists.org/oss-sec/2018/q1/59 asterisk>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.6<5.6.39 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.7<5.7.21 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mariadb-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL oracle-{jdk,jre}8<8.0.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA openjdk8<1.8.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246 ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246 ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022 ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022 ImageMagick<7.0.7.21 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248 ImageMagick6<6.9.9.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5785 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5727 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-5747 lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5786 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5783 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5784 opencv<3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000450 mit-krb5<1.16.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-5710 wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776 php{56,70,71,72}-ja-wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776 py{27,34,35,36}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5773 guacamole-server-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3158 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5772 openocd-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5704 rsync<3.1.2nb3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5764 gd<2.3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php56-gd<5.6.33 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php70-gd<7.0.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php71-gd<7.1.13 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php72-gd<7.2.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 libdwarf>=20130126<20150806 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-9482 firefox52<52.6 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ firefox<57.0.4 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/ firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/ firefox<58.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/ mpv<0.27.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6360 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6358 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-6359 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6315 podofo<0.9.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5295 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6352 clamav<0.99.3 multiple-vulnerabilities http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6323 opencv<3.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5268 opencv<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5269 dovecot>=2.0<2.2.33.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15132 jenkins<2.84 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/ jenkins-lst<2.73.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/ jenkins<2.89 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/ jenkins-lts<2.73.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/ libvirt<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5748 w3m<0.5.3.0.20180125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6196 w3m<0.5.3.0.20180125 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6197 w3m<0.5.3.0.20180125 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-6198 mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6192 libreoffice{,5-bin}<5.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871 openssh<7.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10708 mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17858 pdns-recursor>=4.1.0<4.1.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000003 knot<1.5.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000002 moodle<3.4.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1042 moodle<3.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1043 moodle<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1044 moodle<3.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1045 libtasn1<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6003 pdns-recursor>=4.0.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15092 pdns-recursor>=4.0.0<4.0.7 dnssec-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15090 pdns-recursor<4.0.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15093 pdns-recursor>=4.0.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15094 powerdns<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15091 unbound<1.6.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15105 dnsmasq-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15107 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18030 mailman<2.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5950 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5683 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12176 modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12177 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12178 modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12179 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12180 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12181 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12182 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12183 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12184 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12185 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12187 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12186 mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6187 jenkins<2.95 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504 jenkins-lts<2.89.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504 jenkins<2.95 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503 jenkins-lts<2.89.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503 curl>=7.49.0<7.58.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1000005 curl>=6.0<7.58.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000007 jenkins<2.57 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353 jenkins-lts<2.46.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353 jenkins<2.57 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354 jenkins-lts<2.46.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354 jenkins<2.57 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356 jenkins-lts<2.46.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356 jenkins<2.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355 jenkins-lts<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355 irssi<1.0.7 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/ irssi>=1.1.0<1.1.1 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/ zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381 pound<2.8 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2016-10711 gcpio-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7516 ptex<2.1.33 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3835 ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392 ffmpeg3<3.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392 p7zip<16.02nb2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17969 mantis-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6382 xpdf<3.02 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2902 ffmpeg2<2.4.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2015-1208 ImageMagick6<6.9.9.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405 ImageMagick<7.0.7.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405 apache-tomcat>=7.0.79<7.0.84 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 apache-tomcat>=8.0.45<8.0.48 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 apache-tomcat>=8.5.16<8.5.24 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5294 p7zip<18.00 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-5996 qemu<2.10.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18043 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6484 zabbix<2.3.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-3005 gifsicle<1.91 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18120 mantis<2.11.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6526 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6541 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6540 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6542 mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6544 binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6543 patch<2.2.5 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-1416 py{27,34,35,36}-django<1.11.10 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-6188 py{27,34,35,36}-crypto-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6594 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6616 libopenmpt<0.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6611 jhead-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6612 ffmpeg3<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6621 thttpd<2.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663 mini_httpd<1.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663 wordpress-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6389 py{27,34,35,36}-uwsgi<2.0.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6758 adobe-flash-player<28.0.0.161 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-03.html binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6759 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6767 GraphicsMagick<1.3.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6799 audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2541 proftpd<1.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2001-0136 audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2540 libxml2<2.9.5 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5130 go<1.8.7 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574 go>=1.9.0<1.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574 python27<2.7.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000030 wireshark<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6836 ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5359 ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5360 exim{,3}<4.90.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6789 php<5.5.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 php>=5.6<5.6.18 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 php>=7.0<7.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 postgresql93-server<9.3.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql94-server<9.4.16 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql95-server<9.5.11 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql96-server<9.6.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql10-server<10.2 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ transmission<2.93 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-5702 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381 binutils<2.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6872 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6869 libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6876 fish<2.1.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-3219 ruby{22,23,24,25}-puppet<5.3.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-10689 ruby{22,23,24,25}-puppet<5.3.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-10690 squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000024 git-base<2.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000021 squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000027 unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000035 librsvg<2.40.20 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000041 mupdf<1.13.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000051 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6912 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17722 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17723 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17725 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17724 mariadb-server<10.1.30 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15365 mbedtls>=1.3.8<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487 mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487 mbedtls>=1.3.0<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488 mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488 ImageMagick<7.0.7.23 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6930 freetype2<2.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6942 qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9252 qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18183 qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18186 qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18184 qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18185 patch<2.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10713 patch<2.7.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6951 patch<2.7.6nb1 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-6952 mbedtls<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18187 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18189 jenkins<2.107 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067 jenkins-lts<2.89.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067 jenkins<2.107 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068 jenkins-lts<2.89.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7173 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7174 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7175 cups<2.2.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18190 leptonica<1.75.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7186 php{56,70,71}-tiki6<18.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7188 go<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7187 bind>=9.9.0<9.9.11 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145 bind>=9.10.0<9.10.6 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145 tiff<4.0.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-11335 quagga<1.2.3 sensitive-information-disclosure https://www.quagga.net/security/Quagga-2018-0543.txt quagga<1.2.3 double-free https://www.quagga.net/security/Quagga-2018-1114.txt quagga<1.2.3 out-of-bounds-read https://www.quagga.net/security/Quagga-2018-1550.txt quagga>=0.99.9<1.2.3 infinite-loop https://www.quagga.net/security/Quagga-2018-1975.txt webkit-gtk<2.18.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0002.html binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7208 bugzilla<5.0.4 sensitive-information-disclosure https://www.bugzilla.org/security/4.4.12/ leptonica<1.76.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7247 libvncserver<0.9.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7225 php{56,70,71,72}-fpm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9253 libxml2<2.9.7 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-7375 libxml2<2.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7376 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7253 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7254 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2004-2779 libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7263 wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5315 wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5316 elinks-[0-9]* remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-6709 unixodbc<2.3.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7409 php{56,70,71}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7302 php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7303 php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7304 asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html php{56,70,71,72}-drupal<7.57 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001 php{56,70,71,72}-drupal>8<8.4.5 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7452 xpdf<4.05 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7453 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7454 xpdf<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7455 php{56,70,71,72}-piwigo<2.9.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6883 libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18199 libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18198 leptonica<1.75.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7440 leptonica<1.76.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-7441 leptonica<1.76.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7442 leptonica<1.75.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18196 ImageMagick6<6.9.9.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443 ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7435 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7436 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7437 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7438 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7439 apache-tomcat>=7.<7.0.85 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 apache-tomcat>=8.<8.0.50 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 apache-tomcat>=8.5.0<8.5.28 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7339 wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-08.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html php{56,70,71,72}-concrete5<8.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-18195 libcdio<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18201 ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 unixodbc<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7485 py{27,34,35,36}-uwsgi<2.0.17 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7490 xmltooling<1.6.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0489 zsh<5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18206 trafficserver<7.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5660 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-252.html zsh<5.4.2nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7548 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-256.html zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7549 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557 apache-tomcat>=7.0.0<7.0.85 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 apache-tomcat>=8.0.0<8.0.50 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 apache-tomcat>=8.5.0<8.5.28 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7568 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7569 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570 xerces-c<3.2.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12627 qemu<2.12.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7550 ImageMagick<7.0.7.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209 ImageMagick6<6.9.9.18 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000122 libvorbis<1.3.6 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ tremor<1.0.2.20180316 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ seamonkey<2.49.2nb3 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox52<52.7.2nb1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox45-[0-9]* remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox<59.0.1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ squirrelmail<1.4.23pre14764 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-8741 zsh<5.0.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-10070 zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1071 zsh<5.4.2nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1083 zsh<5.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18205 zsh<5.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10071 zsh<5.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10072 zsh<5.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2016-10714 ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211 ImageMagick6<6.9.9.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211 ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18210 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8106 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8107 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8105 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8103 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8104 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8102 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8100 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8101 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18236 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18238 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18235 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18237 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18233 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18234 exempi<2.4.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7731 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7730 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7729 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7728 php{56,70,71,72}-piwigo<2.6.2 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2014-4613 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7724 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7723 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7722 sqlite3<3.23.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-8740 php>=5.6<5.6.34 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.0<7.0.28 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.1<7.1.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.2<7.2.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 dovecot<2.2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15130 dovecot<2.2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14461 postgresql93-server<9.3.22 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql94-server<9.4.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql95-server<9.5.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql96-server<9.6.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql10-server<10.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ binutils<2.31 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7642 binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7643 openjpeg<2.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7648 nodejs>=8<11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651 xv<3.10anb24 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-18215 tor<0.2.9.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.1<0.3.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0491 memcached<1.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000115 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18219 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18220 phpmyadmin<4.7.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7260 mit-krb5>=1.6<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5729 mit-krb5>=1.6<1.16.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5730 ntp<4.2.8p7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-7170 ntp<4.2.8p11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7182 ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7184 ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7185 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7725 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7726 zziplib<0.13.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-7727 gcc48<4.8.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5044 net-snmp<5.7.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000116 ruby{22,23,24,25}-rack-protection<2.0.0 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-1000119 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7752 py{27,34,35,36}-bleach>=2.1<2.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-7753 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7866 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7867 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7868 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7869 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7870 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7871 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7872 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7873 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7874 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7875 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7876 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7877 calibre<3.19.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7889 ntp>=4.2.8p6<4.2.8p11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7183 php{56,70,71}-tiki6<18.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7290 py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 py{34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 graphite2<1.3.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7999 podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8000 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8001 podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-8002 postgresql10-server<10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1052 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8129 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8130 tiff<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5314 jasper<2.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9600 py{34,35,36}-asyncssh<1.12.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7749 gsharutils-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000097 glpi<9.2.2 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2018-7562 glpi<9.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7563 qemu<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7858 isc-dhclient<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01565/75/CVE-2018-5732 isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01541/0/CVE-2017-3144 isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01567/75/CVE-2018-5733 trafficserver<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7671 magento<1.9.3.8 cross-site-request-forgery https://www.defensecode.com/advisories/DC-2018-03-001-Magento-Backups-Cross-Site-Request-Forgery.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-002-Magento-Multiple-Stored-XSS.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html libvpx<1.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13194 php{56,70,71,72}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-7394 php{56,70,71,72}-roundcube<1.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000071 ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby22-base<2.2.9nb1 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby23-base<2.3.6nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby24-base<2.4.3nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby25-base<2.5.0nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby22-base<2.2.9nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby23-base<2.3.6nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby24-base<2.4.3nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby25-base<2.5.0nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby22-base<2.2.9nb1 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby23-base<2.3.6nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby24-base<2.4.3nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby25-base<2.5.0nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby22-base<2.2.9nb1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby23-base<2.3.6nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby24-base<2.4.3nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby25-base<2.5.0nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby22-base<2.2.9nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby23-base<2.3.6nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby24-base<2.4.3nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby25-base<2.5.0nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 py{27,34,35,36}-bitmessage<0.6.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000070 clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000085 samba>=3.6.0<4.6.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1050 samba>=4.0.0<4.6.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1057 py{27,34,35,36}-paramiko<2.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7750 firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/ py{27,34,35,36}-notebook<5.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8768 libvirt<4.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6764 slurm>=2.4.0pre4<17.02.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033 slurm>=17.11<17.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033 webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8712 py{27,34,35,36}-mercurial<4.5.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000132 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000121 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000120 libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8099 libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8098 memcached<1.4.37 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000127 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18231 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18229 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18230 ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18250 ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251 ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251 ImageMagick6<6.9.9.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252 ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252 ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18253 ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254 ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254 ImageMagick6<6.9.9.39 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804 ImageMagick<7.0.7.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804 ImageMagick6<6.9.9.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960 ImageMagick<7.0.7.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8806 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8807 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8961 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8962 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8963 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8964 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-9009 jenkins<2.107 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356 jenkins-lts<2.89.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9055 firefox<59.0.2 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ firefox52<52.7.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ seamonkey<2.49.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ apache<2.4.33 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.33 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000100 cups<2.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18248 thunderbird<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ seamonkey<2.49.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ GraphicsMagick<1.3.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9018 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8976 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8977 netpbm<10.73.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8975 libressl<2.7.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-8970 librelp>=1.1.1<1.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000140 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570 tiff<4.0.9nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8905 nasm<2.13.02 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8881 nasm<2.14 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2018-8882 nasm<2.14 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8883 radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8808 radare2<2.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8809 radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8810 php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{56,70,71,72}-drupal>=8.4<8.4.6 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{56,70,71,72}-drupal>=8.5<8.5.1 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{53,54,55}-owncloud<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-1665 php{53,54,55}-owncloud<5.0.15 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-2048 knot<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0486 clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0202 ruby{22,23,24,25}-loofah<2.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8048 openssl<1.0.2o multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt openssl>=1.1.0<1.1.0h multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9058 libvirt<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1064 php{56,70,71,72}-nextcloud<11.0.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0936 opera-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6608 ruby{22,23,24,25}-rails-html-sanitizer<1.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3741 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9132 ImageMagick<7.0.7.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133 ImageMagick6<6.9.9.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133 ImageMagick<7.0.7.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135 ImageMagick6<6.9.9.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9138 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-9144 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9145 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9165 botan>=2.2.0<2.5.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9127 ruby22-base<2.2.10 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby23-base<2.3.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby24-base<2.4.4 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby25-base<2.5.1 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby22-base<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby23-base<2.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby24-base<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby25-base<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9256 wireshark<2.4.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9257 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9258 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9259 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9260 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9261 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9262 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9263 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9264 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9265 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9266 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9267 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9268 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9269 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9270 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9271 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9272 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9273 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9274 gnupg2<2.2.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9234 ncmpc<0.30 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9240 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9252 libxml2>=2.9.6<2.9.8nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9251 pam-yubico>=2.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-9275 moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1081 moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1082 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9303 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9304 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9305 py{27,34,35,36}-rope-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3539 patch<2.7.6nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 ocaml<4.07.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9838 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9841 php{56,70,71,72}-roundcube<1.2.8 imap-injection https://nvd.nist.gov/vuln/detail/CVE-2018-9846 php56-fpm<5.6.35 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php70-fpm<7.0.29 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php71-fpm<7.1.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php72-fpm<7.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 icu<60.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15422 libxml2<2.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18258 php{56,70,71,72}-typo3<7.6.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-6905 php{56,70,71,72}-contao35<3.5.35 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 php{56,70,71,72}-contao44<4.4.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 php{71,72}-contao45<4.5.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 squid<3.5.27nb3 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2018_3.txt zabbix<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2826 horde<2.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3999 qpdf<8.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9918 mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9988 mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9989 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10001 SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3837 SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3838 SDL2_image<2.0.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3839 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9996 jenkins-lts<2.44 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2599 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10016 libopenmpt<0.3.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10017 zsh<5.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1100 wordpress<4.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2014-6412 py27-trytond<2.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2014-6633 py{27,34,35,36}-diffoscope<77 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-0359 fuse-ntfs-3g<2017.3.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-0358 mediawiki<1.28.1 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html mysql-server>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL oracle-{jdk,jre}8<8.0.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA openjdk8<1.8.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10059 cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10060 cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10061 botan>=1.11.32<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9860 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-1686 postfix<2.11.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.0<3.0.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.1<3.1.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.2<3.2.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0737 jenkins<2.116 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169 jenkins-lts<2.107.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169 jenkins<2.116 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170 jenkins-lts<2.107.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170 wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10100 wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10101 wordpress<4.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10102 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10111 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10112 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10113 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10114 libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119 libreoffice>=6<6.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119 libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120 libreoffice>=6<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3846 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3848 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3849 ImageMagick<7.0.7.29 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10177 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10186 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10187 perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6797 perl<5.26.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6798 perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6913 maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2031 maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2032 py{27,34,35,36}-gunicorn<19.5.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000164 nmap<7.70 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000161 glusterfs<3.12.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-1088 kodi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8831 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194 mysql-cluster<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-2877 phpmyadmin<4.8.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-10188 php{56,70,71,72}-drupal>=8.4<8.4.7 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003 php{56,70,71,72}-drupal>=8.5<8.5.2 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003 eclipse-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-8315 awstats-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10245 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8945 zabbix<3.4.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-2825 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10254 # reported against tiff, see https://gitlab.com/libtiff/libtiff/-/issues/128 jpeg<9d null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10126 mupdf<1.14.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10289 curl<7.52.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9586 curl<7.52.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2016-9594 openslp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17833 salt<2016.3.6 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-7893 nasm<2.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10316 packagekit<1.1.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1106 mupdf<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8728 jbig2dec<0.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-8729 ansible<2.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-9587 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2899 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2900 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2901 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2902 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2903 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2904 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2905 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2906 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2907 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2908 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2918 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12081 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12082 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12086 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12099 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12100 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12101 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12102 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12103 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12104 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12105 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12122 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14440 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14441 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14442 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14448 SDL2_image<2.0.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14449 SDL2_image<2.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14450 freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2834 freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2835 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2836 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2837 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2838 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2839 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2923 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2924 openssl>=1.1.0<1.1.0h verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0733 npm<6.0.1 modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2018-3728 leptonica<1.75.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3836 ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7751 ktexteditor>=5.34.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10361 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10372 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10373 glusterfs<3.12.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1112 flac<1.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-6888 qemu<2.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-9602 libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10392 libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10393 enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1845 enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1846 xenkernel42-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel45-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel46-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel48<4.8.4 information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-259.html libraw<0.18.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10528 libraw<0.18.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10529 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10535 binutils<2.31 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10534 wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10536 wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10537 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10538 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10539 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10540 php56-iconv<5.6.36 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php70-iconv<7.0.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php71-iconv<7.1.17 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php72-iconv<7.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php56-exif<5.6.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php70-exif<7.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php71-exif<7.1.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php72-exif<7.2.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php56-ldap<5.6.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php70-ldap<7.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php71-ldap<7.1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php72-ldap<7.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 phpmyadmin<4.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18264 libreoffice<5.4.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10583 openvpn<2.4.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-9336 ansible<1.2.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2233 p7zip<18.05 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10115 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10685 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10733 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10767 ncurses<6.1nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10754 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9154 abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10753 abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10771 wget<1.19.5 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2018-0494 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10772 poppler-utils<0.37 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10768 webkit-gtk<2.20.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0003.html webkit-gtk<2.20.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0004.html gd<2.0.35 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2007-2756 gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3473 gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3477 php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 php{56,70,71,72}-drupal>=8.4<8.4.8 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 php{56,70,71,72}-drupal>=8.5<8.5.3 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/ python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 jenkins-lts<2.32.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/ jenkins<2.44 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/ xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel48<4.8.4 privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-262.html ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11017 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11095 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11100 xpdf<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11033 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10998 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10999 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-10992 postgresql96-contrib<9.6.9 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115 postgresql10-contrib<10.4 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115 poppler<0.65.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18267 xdg-open<1.1.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18266 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10963 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10780 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10958 haproxy<1.8.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10184 prosody<0.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18265 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805 ImageMagick<7.0.7.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251 ImageMagick6<6.9.9.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271 ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271 ImageMagick<7.0.7.23 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272 ImageMagick6<6.9.9.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273 ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273 tiff<4.0.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10801 nghttp2>=1.10.0<1.31.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000168 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10776 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10777 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10778 adobe-flash-player<29.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-05.html adobe-flash-player<29.0.0.140 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-08.html adobe-flash-player<29.0.0.171 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-16.html podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11254 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11255 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11256 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11243 nodejs>=9<9.10.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ nodejs>=8<8.11.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ nodejs>=6<6.14.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11225 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11226 apache-tomcat>=7.0.0<7.0.89 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 apache-tomcat>=8.0.0<8.0.53 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 apache-tomcat>=8.5.0<8.5.32 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 hdf5<1.12.2 multiple-vulnerabilities https://github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5 git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235 git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11212 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11213 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11214 zookeeper<3.4.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8012 jenkins-lts<2.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607 jenkins<2.44 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607 jenkins-lts<2.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609 jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609 cppcms<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11367 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11375 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11376 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11377 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11378 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11379 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11380 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11381 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11382 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11383 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11384 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11354 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11355 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11361 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 epiphany-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11396 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000036 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000037 mupdf<1.12.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000038 mupdf<1.12.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000039 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000040 curl>=7.54.1<7.60.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000300 curl>=7.20.0<7.60.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000301 jpegoptim<1.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11416 moodle<3.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1133 moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1134 moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1135 moodle<3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1136 moodle<3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1137 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11468 haproxy>=1.8.0<1.8.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11469 libsass>=3.4.7<3.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11499 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11496 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11503 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11504 vlc<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11516 sudo<1.8.18p1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-7076 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11531 git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233 git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233 taglib<1.11.1nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11439 graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10196 slurm>=2.4.0pre4<17.11.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10995 ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11655 ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11656 ImageMagick6<6.9.9.50 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624 ImageMagick<7.0.7.38 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624 ImageMagick6<6.9.9.50 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625 ImageMagick<7.0.7.38 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625 ruby{22,23,24,25}-sinatra<2.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-11627 ghostscript-gpl-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645 ghostscript-agpl<9.21rc1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645 nikto-[0-9]* arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11652 thunderbird<52.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/ sysinfo<10.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-7268 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-263.html mariadb-server<5.5.60 multiple-vulnerabilities https://mariadb.com/kb/en/library/mariadb-5560-release-notes/ prosody<0.10.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10847 npm<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16023 npm<2.14.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16026 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11693 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11694 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11695 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11696 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11697 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11698 libopenmpt<0.3.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11710 webkit-gtk>=2.20.0<2.20.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11712 webkit-gtk<2.20.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11713 webkit-gtk<2.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 webkit24-gtk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 webkit24-gtk3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 gnupg<1.4.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020 gnupg2<2.2.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020 bird<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066 bird6<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066 epiphany<3.28.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12016 perl<5.28.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015 p5-Archive-Tar<2.30 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3739 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3737 npm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3721 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16137 jpeg<9cnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11813 firefox52<52.8.1 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ firefox<60.0.2 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ jenkins>=2.107<2.121 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/ jenkins<2.107.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/ sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11737 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11738 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11739 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11740 file<5.32nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10360 grafana<5.2.0b1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12099 lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12108 thunderbird-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019 seamonkey-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019 libgcrypt<1.8.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0495 nodejs>=10<10.4.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ nodejs>=8<8.11.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ nodejs>=6<6.14.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ radare2<2.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12320 radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12321 radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12322 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12264 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12265 qemu<3.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11806 openssl<1.0.2p denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732 openssl>1.1.0<1.1.0i denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732 asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-007.html asterisk>=13.0<13.21.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html asterisk>=14.0<14.7.7 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html firefox<56.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/ password-store<1.7.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12356 libressl<2.7.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12434 botan>=2.5.0<2.7.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12435 libtomcrypt<1.18.2 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12437 boringssl-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12440 ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271 ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271 ImageMagick<7.0.7.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272 ImageMagick<6.9.9.29 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272 ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273 ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11037 hdf5<1.10.3 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-11203 hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11204 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11205 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11206 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11207 yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12034 yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12035 evolution-data-server-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12422 libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12447 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12459 ffmpeg4<4.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12460 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12495 redis<4.0.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11218 redis<4.0.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11219 redis<4.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12326 passenger<5.3.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-12026 passenger<5.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12027 passenger<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12028 passenger<5.3.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-12029 hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11202 libjpeg-turbo<2.0.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-1152 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12096 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12097 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12098 webkit-gtk<2.20.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0005.html firefox52<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/ glusterfs<3.12.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-10841 ntp<4.2.8p12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12327 p5-Email-Address<1.912 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12558 ImageMagick<7.0.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599 ImageMagick6<6.9.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599 ImageMagick<7.0.8.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600 ImageMagick6<6.9.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600 dovecot<2.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2669 passenger<5.3.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12615 qemu<3.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12617 phpmyadmin<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12581 phpmyadmin<4.8.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12613 ansible2<2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7466 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7656 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7657 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7658 jetty<9.4.11.20180605 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12536 jetty<9.4.11.20180605 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2018-12538 exempi<2.4.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12648 phpldapadmin-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-12689 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12641 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12697 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12698 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12699 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12700 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12934 php72-exif<7.2.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12882 php{56,70,71,72}-basercms<3.0.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0569 php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0570 php{56,70,71,72}-basercms<3.0.16 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-0571 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0572 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0573 php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0574 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0575 h2o<2.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0608 u-boot<2018.07 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000205 py{34,35,36}-websockets<5.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000518 mbedtls-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000520 ruby{22,23,24,25}-zip<1.2.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000544 wordpress<4.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12895 ruby{22,23,24,25}-sprockets<2.2.3nb3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760 ruby{22,23,24,25}-sprockets<3.7.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760 tiff<4.0.10nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12900 py{27,34,35,36}-yaml<4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18342 wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12932 wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12933 apache-cassandra<3.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8016 openslp-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-12938 p5-Archive-Zip<1.61 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-10860 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-266.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-267.html podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12982 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12983 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13005 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13006 htslib-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14329 htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13843 htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13844 htslib<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13845 powerdns<4.1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1046 mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14326 mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14325 mp4v2<4.1.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-14054 clamav<0.100.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0360 clamav<0.100.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0361 curl>=7.52.0<7.54.0 security-bypass https://curl.haxx.se/docs/adv_20170419.html curl>=7.54.1<7.61.0 heap-overflow https://curl.haxx.se/docs/adv_2018-70a2.html libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14072 libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14073 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13866 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13867 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13868 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13869 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13870 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13871 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13872 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13873 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13874 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13875 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13876 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14031 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14032 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14033 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14034 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14035 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13301 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13303 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13304 ffmpeg4<4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-13305 php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761 php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761 php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762 php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762 xapian<1.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0499 ansible<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10874 giflib<5.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11490 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13033 glpi>=9.2<9.3.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-13049 ming-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13066 qemu<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2615 ansible<2.4.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10855 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13112 npm<6.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3750 libsndfile<1.0.28nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13139 ImageMagick<7.0.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153 ImageMagick6<6.9.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13250 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13251 libsoup<2.62.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12910 ntopng<3.4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-12520 py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13346 py27-mercurial<4.6.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13347 py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13348 libsndfile-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13419 libaudiofile-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13440 qemu<2.9.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7471 png<1.6.35 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13785 adobe-flash-player<30.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-19.html php{56,70,71,72}-concrete5<8.3.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-13790 rust<1.27.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000622 libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10887 libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10888 moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10889 moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10890 moodle<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10891 polkit<0.116 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1116 vlc<3.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11529 couchdb<2.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-8007 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13441 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13457 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13458 mailman<2.1.28 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-13796 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14015 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14016 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14017 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14046 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14044 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14045 epubcheck<4.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2016-9487 xfe<1.40 file-permissions https://nvd.nist.gov/vuln/detail/CVE-2014-2079 libextractor<1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14346 libextractor<1.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14347 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352 mutt<1.10.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353 neomutt<20180716 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353 mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354 neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354 mutt<1.10.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355 neomutt<20180716 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356 mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357 neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358 mutt<1.10.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359 neomutt<20180716 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14360 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14361 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14363 mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14379 mysql-workbench<8.0.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-2598 oracle-{jdk,jre}8<8.0.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA openjdk8<1.8.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA mysql-client>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL apache<2.4.34 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.34 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14339 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14340 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14341 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14342 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14343 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14344 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14367 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14368 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14369 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14370 nss<3.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9574 ansible<2.3.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7481 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394 ffmpeg3<3.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395 mp4v2<4.1.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14403 libxml2<2.9.8nb2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14404 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14423 evolution-data-server<3.21.2 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2016-10727 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14434 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437 confuse<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14447 mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14446 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14460 npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3736 adobe-flash-player<30.0.0.134 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-24.html mitmproxy<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14505 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14521 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14522 aubio<0.4.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14523 ImageMagick<7.0.8.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551 ImageMagick6<6.9.10.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551 jenkins-lts<2.121.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/ jenkins<2.132 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/ ffmpeg2<2.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg2<2.8.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg4<4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 ffmpeg4<4.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg4<4.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 ffmpeg3<3.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg3<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg3<3.4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 ffmpeg4<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1999014 ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999015 wesnoth>=1.7.0<1.14.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1999023 u-boot<2017.09 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-3225 u-boot<2017.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3226 fuse<2.9.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10906 poppler<0.67.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13988 ansible<2.2.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8647 gdm<3.24.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12164 kafka<0.10.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12610 qemu<2.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7539 mit-krb5<1.16.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2017-7562 mailman<2.1.27 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-0618 kafka<1.1.0 data-loss https://nvd.nist.gov/vuln/detail/CVE-2018-1288 qemu<2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15119 powerdns-recursor<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15120 npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16114 netpbm<10.61 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2579 netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2580 netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2581 netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2586 netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2587 qemu<2.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2620 modular-xorg-server<1.19.0 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-2624 libXdmcp<1.1.3 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2625 libICE<1.0.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2626 qemu<2.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2630 curl<7.53.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2629 qemu<1.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2633 advancecomp<2.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1056 qemu<2.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9603 qemu<2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15118 cups<2.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-15400 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4180 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4181 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4182 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4183 php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 bind>=9.9.12<9.9.13 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738 bind>=9.10.7<9.10.8 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738 libraw<0.18.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5813 libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5815 libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5816 thunderbird<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/ mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497 mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497 mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498 mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14679 libmspack<0.7alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14680 libmspack<0.7alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14681 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14682 firefox<49.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/ firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/ thunderbird45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-93/ firefox<55.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/ firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/ firefox52<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/ thunderbird45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/ thunderbird<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-09/ firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/ firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/ firefox<57.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/ firefox52<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/ firefox52<52.0.1 integer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/ thunderbird<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/ wordpress-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14028 postgresql93-server<9.3.24 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql94-server<9.4.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql95-server<9.5.14 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql96-server<9.6.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql10-server<10.5 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ wpa_supplicant<2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14526 couchdb<2.2.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11769 webkit-gtk<2.20.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0006.html nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15173 squirrelmail<1.4.23pre14832 multiple-vulnerabilities https://sourceforge.net/p/squirrelmail/bugs/2831/ tcpflow-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14938 cgit<1.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14912 py{27,34,35,36,37}-cryptography>=1.9.0<2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10903 ansible<2.2.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8614 ansible<2.2.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8628 curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8618 curl<7.51.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8617 curl<7.51.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8622 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8624 curl<7.51.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-8621 curl<7.51.0 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8615 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8616 curl<7.51.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8620 curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8619 curl<7.51.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8623 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8625 nss<3.28 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8635 nagios-base<4.2.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-8641 openjpeg<2.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9572 openjpeg<2.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9573 openjpeg<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9580 openjpeg<2.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2016-9581 lftp<4.8.4 arbitrary-file-removal https://nvd.nist.gov/vuln/detail/CVE-2018-10916 libXcursor<1.1.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-9262 jasper<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8654 jasper<2.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9583 cfitsio<3.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3847 apache-tomcat>=7.0.28<7.0.87 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=8.0.0<8.0.52 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=8.5.0<8.5.31 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=9.0.0<9.0.8 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=7.0.35<7.0.89 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.0.0<8.0.53 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.5.0<8.5.32 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=9.0.0<9.0.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.5.5<8.5.32 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037 apache-tomcat>=9.0.0<9.0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037 ntp<4.2.8p10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9042 knot<2.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-10920 #php-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9118 # disputed https://bugs.php.net/bug.php?id=74604 php{56,70,71,72}-mysqli-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9120 php>=7.0<7.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 php>=7.1<7.1.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 php>=7.2<7.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 mantis>=2.1.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-13055 mantis>=2.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14504 py{27,34,35,36,37}-django>=1.11.0<1.11.15 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574 py{34,35,36,37}-django>=2.0<2.0.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574 php{56,70,71,72}-drupal>=7<7.56 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003 php{56,70,71,72}-drupal>=8<8.3.4 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003 rpm<4.14.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7500 webkit-gtk<2.20.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12293 webkit-gtk<2.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12294 php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14849 php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14850 php{56,70,71,72}-nextcloud<13.05 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3780 apache>=2.2<2.2.32 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975 apache>=2.4<2.4.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975 redis<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12453 gdm<3.29.91 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14424 mingw-w64-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-5392 libxml2<2.9.8nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14567 xentools42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-269.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html openssh<7.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15473 libgit2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15501 py{27,34,35,36,37}-cryptodome<3.6.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15560 py{27,34,35,36,37}-Pyro<3.15 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-2765 sympa<6.2.32 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000550 zutils<1.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000637 libtasn1<4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 rust>=1.3.0<1.22.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000657 libvirt<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5160 pkgconf>=1.5.0<1.5.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000221 soundtouch<2.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000223 gd<2.2.5nb4 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000222 dropbear<2019.77 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15599 nodejs<6.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs>=8<8.11.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs>=10<10.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs<6.14.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 nodejs>=8<8.11.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 nodejs>=10<10.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 ImageMagick<7.0.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607 ImageMagick6<6.9.10.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15671 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15672 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10844 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10845 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10846 samba<4.6.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10858 samba>=4.7<4.7.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918 samba>=4.8<4.8.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918 samba<4.6.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10919 samba>=4.7<4.7.9 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139 samba>=4.8<4.8.4 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139 samba>=4.8<4.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1140 libbpg-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2575 libvirt>=2.5.0<3.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2635 curl<7.10.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2003-1605 jenkins-lts<2.121.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/ jenkins<2.138 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/ ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 ffmpeg3<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 ffmpeg4<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 php{56,70,71,72}-nextcloud<12.0.3 weak-authorization https://nvd.nist.gov/vuln/detail/CVE-2018-3775 php{56,70,71,72}-nextcloud<12.0.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-3776 libX11<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14598 libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14599 libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14600 pango<1.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15120 php{56,70,71,72,73}-phpmyadmin<4.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-15605 ntp<4.2.8p11 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15605 xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel46-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel48<4.8.5 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel411<4.11.1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html apache-ant<1.9.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605 apache-ant>=1.10<1.10.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16391 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16392 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16393 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16418 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16419 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16420 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16421 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16422 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16423 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16424 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16425 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16426 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16427 libykneomgr-[0-9]* multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/ ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15870 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15871 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15853 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15854 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15855 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15856 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15857 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15858 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15859 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15861 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15862 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15863 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15864 ap{22,24}-perl<2.0.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2767 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15889 ghostscript-agpl<9.24 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911 nsd<4.1.23 sensitive-information-disclosure https://www.nlnetlabs.nl/projects/nsd/security-advisories/#nsd-time-sensitive-tsig-compare-vulnerability firefox<62.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/ firefox60<60.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/ ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511 ghostscript-agpl<9.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539 ghostscript-agpl<9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540 ghostscript-gpl-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543 ghostscript-agpl<9.25 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802 adobe-flash-player<30.0.0.154 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-25.html trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1318 trafficserver<7.1.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2018-8004 trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8005 trafficserver<6.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8022 trafficserver<7.1.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8040 spamassassin<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15705 spamassassin<3.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11780 spamassassin<3.4.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11781 ImageMagick<7.0.8.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16323 ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328 ImageMagick6<6.9.10.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328 ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16329 ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16412 ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413 ImageMagick6<6.9.10.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640 ImageMagick6<6.9.10.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640 ImageMagick<7.0.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16641 ImageMagick<7.0.7.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642 ImageMagick6<6.9.9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642 ImageMagick<7.0.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643 ImageMagick6<6.9.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643 ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644 ImageMagick<6.9.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644 ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16645 ImageMagick<7.0.7.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749 ImageMagick6<6.9.9.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749 ImageMagick<7.0.7.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750 ImageMagick6<6.9.9.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750 mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16741 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16742 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16743 mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16744 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16745 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10904 glusterfs<3.12.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10907 glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10911 glusterfs<3.12.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10913 glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10914 glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10923 glusterfs<3.12.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10924 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10926 glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10927 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10928 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10929 glusterfs<3.12.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-10930 icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15396 moodle<3.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14630 moodle<3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14631 curl<7.61.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2018-14618 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16056 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16057 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16058 glib2<2.56.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16428 glib2<2.56.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16429 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16336 php{56,70,71,72}-contao35<3.5.36 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{56,70,71,72}-contao44<4.4.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{71,72}-contao45-4.5.* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{71,72}-contao45-4.5.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh-[0-9]* oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15919 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15746 grafana<4.6.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-15727 fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-16140 jdbc-postgresql{93,94}-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-10936 tiff<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16335 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16368 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16369 openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16375 openjpeg<2.3.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16376 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16554 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17088 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16647 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16648 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16382 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16517 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16999 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000667 openafs<1.6.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947 openafs>=1.7<1.8.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947 openafs<1.6.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948 openafs>=1.7<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948 openafs<1.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949 openafs>=1.7<1.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068 pdns-recursor<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7072 powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073 pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073 powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074 pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17096 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17097 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17098 tiff<4.0.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17000 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17100 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17101 wordpress<4.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000600 wordpress-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000773 zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0502 zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13259 libextractor<1.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16430 lcms2<2.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16435 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16438 pidgin<2.11.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1000030 npm<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1000232 py{27,34,35,36,37,38}-flask-admin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16516 zziplib<0.13.70 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16548 sympa<6.2.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000671 okular<18.08.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000801 accountsservice<0.6.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14036 poppler<0.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16646 openssl<1.0.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2016-7056 monit<5.20.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-7067 ansible<2.4.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10875 libbson<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16790 dnsdist<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7069 radare2<2.9.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15834 gitolite<3.6.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16976 opencc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16982 tor-browser<8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-16983 php<5.6.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.0<7.0.32 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.1<7.1.22 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.2<7.2.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 libaudiofile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17095 podofo<0.9.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14320 thunderbird<60.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/ firefox<61.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/ boringssl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15423 xml-security-c<2.0.1 denial-of-service https://shibboleth.net/community/advisories/secadv_20180803.txt seamonkey<2.49.4 multiple-vulnerabilities https://www.seamonkey-project.org/releases/seamonkey2.49.4/ bitcoin<0.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17144 ghostscript-agpl<9.25 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183 ghostscript-gpl-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183 elasticsearch<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3826 elasticsearch<6.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3831 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17229 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17230 hylafax<6.0.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17141 asterisk>=11<12 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-009.html bind<8.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497 bind>=9.0<9.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497 sun-{jre,jdk}<1.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2000-1099 dropbear<0.43 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2004-2486 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17233 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17234 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17237 libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17235 libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17236 exiv2<0.27 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17282 gitolite<3.5.3.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2013-4451 gitolite<3.5.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2013-7203 haproxy<1.8.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14645 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17358 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17359 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17360 mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0503 mediawiki<1.31.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0504 mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0505 mediawiki>=1.31<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13258 firefox60<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/ dvipsk<5.998nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 luatex<1.07.0nb6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 web2c<2018nb5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 hdf5-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17432 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17433 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17434 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17435 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17436 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17437 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17438 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17439 spidermonkey52-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ firefox<62.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ firefox60<60.2.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ git-base<2.14.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.15<2.15.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.16<2.16.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.17<2.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.18<2.18.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.19<2.19.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 py27-expat<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py34-expat<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py35-expat<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py36-expat<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py37-expat<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 adobe-flash-player<31.0.0.108 privilege-escalation https://helpx.adobe.com/security/products/flash-player/apsb18-31.html apache>=2.4.17<2.4.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11763 ruby{23,24,25}-jekyll<3.6.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 ruby{23,24,25}-jekyll>=3.7<3.7.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 ruby{23,24,25}-jekyll>=3.8<3.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17580 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17582 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17581 libiberty-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17794 zziplib-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-17828 py{34,35,36,37,38}-django>=2.1<2.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16984 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17965 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17966 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17967 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18016 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18023 ImageMagick6<6.9.10.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18025 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17974 apache-tomcat<7.0.91 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=8.0<8.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=8.5.0<8.5.34 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=9.0.0<9.0.12 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 py27-mercurial<4.7.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-17983 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17985 py{27,34,35,36,37,38}-paramiko<2.4.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000805 py{27,34,35,36,37,38}-OpenSSL<17.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000807 py{27,34,35,36,37,38}-OpenSSL<17.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000808 rust<1.29.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000810 cairo<1.16.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18064 net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18065 net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18066 webkit-gtk<2.22.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0007.html firefox45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages spidermonkey52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tinc<1.0.30 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16737 tinc<1.0.35 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16738 tinc<1.0.35 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16758 geeklog<1.4.0rc1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2005-4026 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961 py{27,34,35,36,37,38}-requests<2.20.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-18074 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17958 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17962 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17963 openjpeg<2.3.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18088 jenkins-lts<2.138.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/ jenkins<2.146 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/ wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18225 wireshark>=2.6.0<2.6.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18226 wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227 wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18309 py27-moin<1.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-5934 clamav<0.100.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15378 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073 libssh<0.76 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10933 firefox{,-bin,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html firefox60<60.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/ firefox<62.0.2 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2018-22/ thunderbird<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/ firefox60<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/ tiff<4.0.9nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18557 modular-xorg-server>=1.19<1.20.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-14665 mkvtoolnix<28.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-4022 salt<2018.3.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-15750 salt<2018.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15751 mysql-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mysql-server>=5.6<5.6.42 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mysql-server>=5.7<5.7.24 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mariadb-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL oracle-{jdk,jre}8<8.0.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA openjdk8<1.8.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18454 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18455 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18456 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18457 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18458 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18459 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18650 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18651 qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18438 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10839 unzip<6.0nb9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18384 tcpreplay<4.3.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18407 tcpreplay<4.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18408 tcpflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18409 openexr<2.4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18443 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18444 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18483 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18484 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284 xfce4-thunar-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18398 ImageMagick<7.0.8.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544 ImageMagick6<6.9.10.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544 teeworlds<0.6.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18541 libmspack<0.8alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18584 libmspack<0.8alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-18585 libmspack<0.8alpha directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-18586 ansible<2.6.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16837 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18605 binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18606 binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18607 amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10729 amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10730 prayer-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18655 mupdf<1.15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18662 tiff<4.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18661 openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0735 py{27,34,35,36,37,38}-flask<0.12.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000656 gthumb-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-18718 gettext-tools<0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18751 mini_httpd<1.30 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-18778 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18700 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18701 openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734 openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734 firefox<63.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/ ruby{22,23,24,25}-loofah<2.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16468 curl<7.62.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16839 curl<7.62.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16840 curl<7.62.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16842 php{56,70,71,72}-nextcloud<12.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463 php{56,70,71,72}-nextcloud>=13<13.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463 php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16464 php{56,70,71,72}-nextcloud<14.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16465 php{56,70,71,72}-nextcloud<12.0.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466 php{56,70,71,72}-nextcloud>=13<13.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466 php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16467 mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17782 mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17783 redis<6.0.6nb1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2121 glusterfs<4.1.6 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14651 glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14652 glusterfs<4.1.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-14653 glusterfs<4.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14654 glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14659 glusterfs<4.1.6 format-string https://nvd.nist.gov/vuln/detail/CVE-2018-14661 jasper<2.0.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18873 samba<4.3.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2125 libexif<0.6.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-6328 xenkernel411<4.11.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18883 icecast<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18820 samba>=4.0.0<4.3.13 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2123 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2120 glusterfs<4.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14660 SDL2_image<2.0.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-3977 qemu<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16847 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18849 poppler<0.73.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18897 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18915 icu<63.1nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18928 ruby23-base<2.3.8 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby24-base<2.4.5 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby25-base<2.5.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby23-base<2.3.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby24-base<2.4.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby25-base<2.5.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby{23,24,25}-rack>=2.0.4<2.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16470 ruby{23,24,25}-rack16<1.6.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471 ruby{23,24,25}-rack<2.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471 php{56,70,71,72}-basercms<4.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18942 php{56,70,71,72}-basercms<4.1.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18943 ruby{23,24,25}-i18n<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-10077 nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843 nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843 nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844 nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844 powerdns<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644 lighttpd<1.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-19052 poppler<0.72.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19058 poppler<0.72.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19059 poppler<0.72.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19060 librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19105 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19107 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19108 postgresql93-server<9.3.25 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql94-server<9.4.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql95-server<9.5.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql96-server<9.6.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql10-server<10.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19131 squid-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19132 jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19139 poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149 caddy<0.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19148 poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149 thunderbird<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/ py{27,34,35,36,37,38}-crypto-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages uriparser<0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-19198 uriparser<0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19199 uriparser<0.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19200 php{56,70,71,72}-roundcube-plugin-enigma<1.3.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19205 php{56,70,71,72}-roundcube<1.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19206 libwpd-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19208 tiff<4.0.10nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19210 ncurses<6.1nb7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19211 ncurses<6.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19217 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19209 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19213 nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19214 nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19215 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19216 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19218 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19219 adobe-flash-player<31.0.0.148 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb18-39.html asterisk>=15.0<15.6.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-010.html harfbuzz<1.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9274 qemu<3.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18954 webkit1-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages go-net<20180713 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17075 go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17142 go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17143 go-net<20190126 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-17846 go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17847 go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17848 py{27,34,35,36,37,38}-notebook<5.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19351 py{27,34,35,36,37,38}-notebook<5.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19352 gnome-keyring-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19358 xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel48<4.8.5 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel411<4.11.0nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-276.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-277.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18439 u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18440 php<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19396 webkit-gtk<2.22.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0008.html ghostscript-agpl<9.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409 ghostscript-gpl-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409 libsndfile<1.0.28nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19432 adobe-flash-player<31.0.0.153 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-44.html php56-imap<5.6.39 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php70-imap<7.0.33 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php71-imap<7.1.25 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php72-imap<7.2.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 py{27,34,35,36,37,38}-tryton>=5.0.0<5.0.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-19443 openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407 openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477 git-base<2.19.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19486 gnuplot<5.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19490 gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19491 gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19492 faad2<2.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19502 faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19503 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19504 qpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18020 tcpdump-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19519 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19532 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19535 jasper<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19539 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19540 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19541 jasper<2.0.17 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19542 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19543 pdns-recursor>=4.1.0<4.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16855 moodle<3.5.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-16854 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19565 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19566 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19567 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19568 dnsdist<1.3.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-14663 ruby{23,24,25}-activejob42<4.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476 ruby{23,24,25}-activejob51<5.1.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19607 samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-14629.html samba>=4.3.0<4.9.3 double-free https://www.samba.org/samba/security/CVE-2018-16841.html samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-16851.html avahi-[0-9]* traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2018-1000845 nodejs<6.15.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116 nodejs>=8<8.14.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116 nodejs<6.15.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12120 nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs<6.15.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 nodejs>=8<8.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 nodejs>=10<10.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 samba>=4.9.0<4.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16852 samba>=4.9.0<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16853 samba>=4.9.0<4.9.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16857 qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19665 dcraw-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19655 wireshark<2.4.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622 wireshark>=2.6.0<2.6.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19628 lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4359 lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4360 seamonkey<2.4 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-41.html seamonkey<2.4 information-disclosure https://www.mozilla.org/security/announce/2011/mfsa2011-45.html libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19661 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19662 libjpeg-turbo<2.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19664 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8784 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8785 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8786 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8787 freerdp<2.0.0rc4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-8788 freerdp<2.0.0rc4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-8789 perl<5.28.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18311 perl<5.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18312 perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18313 perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18314 sleuthkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19497 nasm<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19755 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19756 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19757 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19759 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19761 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19762 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19763 confuse<3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19760 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19758 mxml-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19764 mupdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19777 py{27,34,35,36,37,38}-lxml<4.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19787 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19797 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19827 gnutls<3.6.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16868 nettle<3.4.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16869 polkit-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19788 ruby1{8,9}-puppet<2.7.18 spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-3408 nss<3.40.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12404 libsass<3.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19837 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19838 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19839 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19840 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19841 radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19842 radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19843 vault<1.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19786 qt5-qtbase<5.11.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19865 vlc<3.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19857 webkit-gtk<2.22.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19876 mbedtls<2.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-19608 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19881 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19882 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19886 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19887 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19888 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19889 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19890 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19891 adobe-flash-player<32.0.0.101 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-42.html php{53,54}-owncloud<5.0.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2013-2085 py{27,34,35,36,37,38}-httplib2-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2037 jenkins-lts<2.138.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/ jenkins<2.154 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/ php-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-7.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html binutils<2.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19931 binutils<2.32 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19932 php56-imap<5.6.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php70-imap<7.0.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php71-imap<7.1.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php72-imap<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5800 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5801 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5802 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5804 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5805 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5806 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5807 libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5808 libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5809 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5810 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5811 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5812 consul<1.4.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19653 binutils<2.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20002 mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20004 mxml-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20005 php{56,70,71,72,73}-phpmyadmin<4.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19968 php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-19969 php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19970 py{27,34,35,36,37,38}-urllib3<1.2.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-20060 firefox<64.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/ firefox60<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/ exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20096 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20097 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20098 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20099 haproxy<1.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20102 haproxy<1.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20103 inetutils-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-0469 grafana<4.6.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19039 qemu<3.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19364 qemu<3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19489 webkit-gtk<2.22.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0009.html qemu<4.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-16872 go<1.10.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873 go>=1.11<1.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873 go<1.10.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874 go>=1.11<1.11.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874 go<1.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875 go>=1.11<1.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875 wordpress<5.0.1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-20147 wordpress<5.0.1 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20148 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20149 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20150 wordpress<5.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20151 wordpress<5.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20152 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20153 sqlite3<3.25.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20346 couchdb<2.3.0 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-17188 nagios-base<4.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18245 icinga-base>=2<2.6.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-18246 icinga-base>=2<2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18247 icinga-base>=2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18248 icinga-base>=2<2.6.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-18249 icinga-base>=2<2.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18250 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19974 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19975 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19976 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20123 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20184 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20185 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20189 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20190 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5817 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5818 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5819 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20030 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20194 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20195 faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20196 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20197 faad2<2.8.8nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20198 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20199 ruby{193,200,21,22,23,24,25}-sprockets>=2.2<2.2.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819 ruby{193,200,21}-sprockets>=2.8<2.8.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6307 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15126 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15127 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20019 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20020 libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20021 libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20022 libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20023 libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20024 netatalk22<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 netatalk30<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 netatalk3<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 grafana<5.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000816 freecol-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-1000825 zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000832 zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000833 freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000852 gnupg2<2.2.12 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1000858 binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000876 libarchive>=3.1.0<3.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000877 libarchive>=3.1.0<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000878 libarchive>=3.3.0<3.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 libarchive>=3.2.0<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 mbedtls1-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000886 knc<1.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9732 elasticsearch>=6.4.0<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-17244 elasticsearch>=6.5.0<6.5.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-17247 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134 qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20124 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20125 qemu<4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20126 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20191 qemu<4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-20216 libjpeg-turbo<2.0.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20330 libraw<0.20.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20337 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20357 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20358 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20359 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20360 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20361 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20362 libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20363 libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20364 libraw<0.19.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20365 xchat-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python36<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406 python37<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20425 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20426 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20427 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20428 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20429 libextractor<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20430 libextractor<1.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20431 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20455 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20456 radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20457 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20458 radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20459 radare2<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20460 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20461 ImageMagick<7.0.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20467 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20481 gtar-base<1.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20482 wget<1.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20483 mit-krb5<1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20217 qt5-qtbase<5.11.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-15518 qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19870 qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19873 qt5-qtimageformats<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19871 qt5-qtsvg<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19869 wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086 wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086 py{27,34,35,36,37,38}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16632 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20535 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20538 libcaca-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2018-20544 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20545 libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20546 libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20547 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20548 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20549 tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20552 tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20553 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20551 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20570 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20573 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20574 #jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20584 Disputed, see https://github.com/jasper-maint/jasper/issues/19 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20591 mxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20592 mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20593 netbeans-ide<10.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17191 jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20622 binutils<2.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20623 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20651 binutils-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20657 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20650 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478 ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478 aria2<1.35.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3500 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3573 libsixel<1.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3574 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3572 ansible<2.6.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16876 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20230 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20662 py{27,34,35,36,37,38}-django<1.11.18 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py{34,35,36,37,38}-django>=2.0<2.0.10 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py{34,35,36,37,38}-django>=2.1<2.1.5 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py27-django-1.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,34,35,36}-django-1.8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages uriparser<0.9.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20721 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8791 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8792 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8793 rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-8794 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8795 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8796 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8797 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8798 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8799 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8800 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20174 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20175 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20176 rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-20177 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20178 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20179 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20180 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20181 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20182 binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20671 binutils-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20673 qemu<3.1.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16867 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5716 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5721 mate-screensaver<1.20.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20681 gitolite<3.6.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20683 irssi<1.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5882 tiff<4.0.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6128 mupdf<1.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6130 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6131 openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20685 openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6109 openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6110 openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6111 polkit-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6133 zeromq>=4.2.0<4.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6250 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20712 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6285 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6292 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6283 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6284 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6286 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6290 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6291 flex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6293 php{56,70,71,72}-drupal>=8<8.3.7 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-004 php{56,70,71,72}-tiki6<17.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20719 mysql-server>=5.6<5.6.43 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL mysql-server>=5.7<5.7.25 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL mariadb-server>=5.5<5.5.63 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL oracle-{jdk,jre}8<8.0.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA openjdk8<1.8.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA bind>=9.9<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.10<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.11<9.11.0pl5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.12<9.12.1pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5736 bind>=9.12<9.12.1pl2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5737 bind>=9.9<9.9.13pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.10<9.10.8pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.11<9.11.4pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.12<9.12.2pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.11<9.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741 bind>=9.12<9.12.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20723 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20724 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20725 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20726 cairo<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6461 cairo<1.16.0nb8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6462 py{27,34,35,36,37,38}-numpy-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6446 php{56,70,71,72}-drupal>=7<7.62 unspecified https://www.drupal.org/SA-CORE-2019-001 php{56,70,71,72}-drupal>=8<8.6.6 unspecified https://www.drupal.org/SA-CORE-2019-001 php{56,70,71,72}-drupal>=7<7.62 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002 php{56,70,71,72}-drupal>=8<8.6.6 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002 jenkins-lts<2.150.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/ jenkins<2.160 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/ mysql-client>=5.5<5.5.62nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ mysql-client>=5.6<5.6.42nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ mysql-client>=5.7<5.7.24nb2 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ pdns-recursor>=4.1.0<4.1.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3806 pdns-recursor>=4.1.0<4.1.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3807 firefox<68.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt cliqz<1.28.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt firefox60-[0-9]* information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt tor-browser<9.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt apache>=2.4.17<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17189 apache>=2.4.37<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0190 apache>=2.4.0<2.4.38 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17199 opensc<0.20.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6502 ap{22,24}-subversion<1.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11803 lua53<5.3.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-6706 go110<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486 go111<1.11.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6777 postgresql{10,94,95,96}-postgis2<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18359 mumble<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20743 faad2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-6956 php{56,70,71,72,73}-phpmyadmin<4.8.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-6798 php{56,70,71,72,73}-phpmyadmin<4.8.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-6799 gd<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php56-gd<5.6.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php71-gd<7.1.26 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php72-gd<7.2.14 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php73-gd<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116 py27-gnupg<0.4.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6690 gd<2.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-6978 openjpeg<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6988 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6990 zoneminder-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6991 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6992 firefox<65.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/ firefox60<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/ nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-7147 thunderbird<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/ thunderbird<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/ libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20748 libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20749 libvncserver-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20750 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1000018 rssh-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages npm<6.2.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16487 npm<6.4.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16492 poppler<0.74.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7310 php{56,70,71,72}-pear<1.10.7nb1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-1000888 py{27,34,35,36,37,38}-buildbot<1.8.1 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-7313 libreoffice<6.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16858 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3463 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3464 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20751 agg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6245 agg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6247 png<1.6.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-7317 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7325 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7326 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7327 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7328 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7329 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7330 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7331 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7332 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7333 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7334 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7335 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7336 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7337 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7338 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7339 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7340 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7341 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7342 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7343 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7344 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7345 zoneminder-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-7346 zoneminder-[0-9]* improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2019-7347 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7348 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7349 zoneminder-[0-9]* session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-7350 zoneminder-[0-9]* log-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7351 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7352 cvsweb<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000998 rebar3>3.7<3.8.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1000014 ffmpeg4<4.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1000016 libarchive>=3.0.2<3.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1000019 libarchive>=2.8.0<3.4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-1000020 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398 dovecot<2.3.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3814 curl>=7.36.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890 gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890 curl>=7.36.0<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822 gnurl<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822 curl>=7.34.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823 gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823 gdm<3.31.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3825 cgiirc<0.5.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8920 gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20760 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20761 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20762 gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20763 py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7548 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7581 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7582 SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576 SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578 ghostscript-gpl-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages guacamole-server<1.0.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-1340 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638 tiff<4.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7663 gsoap>=2.7<2.8.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7659 webkit-gtk<2.22.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0001.html py{27,34,35,36,37,38}-django<1.11.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 py{34,35,36,37,38}-django>=2.0<2.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 py{34,35,36,37,38}-django>=2.1<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 thunderbird-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586 seamonkey-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586 evolution<3.31.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15587 bitcoin>=0.12.0<0.17.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20587 adobe-flash-player<32.0.0.142 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-06.html gnome-keyring<3.27.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20781 firefox<65.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/ firefox60<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/ msmtp>=1.8.2<1.8.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-8337 thunderbird<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/ nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-8343 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8354 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8355 sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8356 sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-8357 hiawatha<10.8.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8358 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8376 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8377 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8381 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8396 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8397 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8398 zabbix<3.4.4rc1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2016-10742 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8423 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8424 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8425 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8426 zoneminder-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8427 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8428 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8429 file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8904 file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8905 file<5.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8906 file<5.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8907 qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3812 ansible<2.6.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-3828 liblive<20181017 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-4013 liblive<20181126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6256 wordpress<5.0.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8942 wordpress-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8943 py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7164 php{56,70,71,72,73}-drupal>=8<8.6.10 remote-code-execution https://www.drupal.org/SA-CORE-2019-003 php<5.6.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.0<7.0.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.1<7.1.25 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.2<7.2.13 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 tor<0.3.5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8955 bind>=9.11<9.11.5pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744 bind>=9.11<9.11.5pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745 bind>=9.11<9.11.5pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465 bind>=9.12<9.12.3pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744 bind>=9.12<9.12.3pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745 bind>=9.12<9.12.3pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465 php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php>=5.6<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.1<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.2<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.3<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.1<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php>=7.2<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php>=7.3<7.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php56-mbstring<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php71-mbstring<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php72-mbstring<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php73-mbstring<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php73-mbstring<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9025 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9026 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9027 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9028 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9029 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9030 matio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9031 matio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9032 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9033 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9034 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9035 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9036 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9037 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9038 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9070 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9071 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9072 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9073 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9074 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9075 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9076 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9077 vim<8.1.0633 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20786 webkit-gtk<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8375 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9113 ming-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9114 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9143 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9144 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9151 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9152 openssl<1.0.2r oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1559 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9199 poppler<0.75.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9200 podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20797 advancecomp-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9211 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214 liblive<20190227 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9215 ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187 asterisk>=15.0<15.7.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html asterisk>=16.0<16.2.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs>=8<8.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs>=10<10.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5739 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9543 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9545 python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1752 python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python34<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python35<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python36<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python37<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 consul>=1.4<1.4.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-8336 openssl>=1.1.0<1.1.0k security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543 openssl>=1.1.1<1.1.1c security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543 samba>=4.1<4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3824 webmin-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9624 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9587 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9588 xpdf<4.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9589 xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel46-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel48-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel411<4.11.1nb1 memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages trafficserver<7.1.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11783 gdk-pixbuf2<2.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12447 libjpeg-turbo<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14498 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14038 go-dns<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17419 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175 poppler<0.76.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9631 botan>=1.11.20<2.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-20187 glib2<2.59.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9633 python27<2.7.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python34<3.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python35<3.5.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python37<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 php>=7.1<7.1.27 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php>=7.2<7.2.16 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php>=7.3<7.3.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php71-exif<7.1.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php72-exif<7.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php73-exif<7.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 ntp<4.2.8p13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8936 libofx-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9656 podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9687 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9704 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9705 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9706 ruby24-base<2.4.5nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby25-base<2.5.3nb2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby26-base<2.6.1nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby24-base<2.4.5nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby25-base<2.5.3nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby26-base<2.6.1nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 py{27,34,35,36,37}-notebook<5.7.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9644 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721 xmltooling<3.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9628 python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python36<3.6.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 go111-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9741 gpsd>=2.90<3.18 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17937 wordpress<5.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9787 liblive<20190203 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7314 qemu<4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-9824 ruby{22,23,24,25,26}-actionpack42<4.2.11.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack51<5.1.6.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack52<5.2.2.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack42<4.2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 ruby{22,23,24,25,26}-actionpack51<5.1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 ruby{22,23,24,25,26}-actionpack52<5.2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3855 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3856 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3857 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3858 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3859 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3860 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3861 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3862 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3863 firefox<66.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/ firefox60<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/ php{56,70,71,72,73}-drupal>=7<7.65 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004 php{56,70,71,72,73}-drupal>=8<8.6.13 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835 ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838 ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838 dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2659 p5-Email-Address-List<0.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18898 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19191 qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19872 haproxy<1.8.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20615 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3832 qemu<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6501 qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6778 qemu<4.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-8934 moodle>=3.5<3.5.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-6970 xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9877 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9878 putty<0.71 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9894 putty<0.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9895 putty<0.71 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9897 putty<0.71 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-9898 poppler<0.75.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9903 graphviz-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9904 powerdns<4.0.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871 powerdns>=4.1.0<4.1.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871 fuse-ntfs-3g-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-9755 gtar-base<1.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9923 bash<4.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9924 sqlite3<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9936 sqlite3<3.28.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9937 firefox<66.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/ firefox60<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python36-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python27<2.7.17 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python34-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python35-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python36<3.6.9 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python37<3.7.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 ImageMagick6<6.9.10.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 ImageMagick<7.0.8.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 gitea<1.16.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192 ap24-auth-mellon<0.14.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-3877 ap24-auth-mellon<0.14.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3878 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10018 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10019 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10020 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10021 xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10022 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10023 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10024 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10025 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10026 moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3808 moodle<3.1.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-3809 moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3810 gvfs<1.39.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3827 elasticsearch<6.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-7611 thunderbird<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/ thunderbird<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/ prometheus<2.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3826 moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3848 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3849 moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3850 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3851 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3852 consul<1.4.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9764 qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20815 gnutls>=3.5.8<3.6.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-3829 gnutls>=3.6.4<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3836 glpi<9.4.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10231 glpi<9.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10232 glpi<9.4.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-10233 libvirt<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3840 moodle<3.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3847 znc<1.7.3rc1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9917 jetty<9.4.12.20180830 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12545 jetty-7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dovecot<2.3.5.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7524 py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10255 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649 ImageMagick6<6.9.10.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650 ImageMagick<7.0.8.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650 lzo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10654 bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10269 apache>=2.4.17<2.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0196 apache>=2.4.34<2.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0197 apache>=2.4.17<2.4.39 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-0211 apache>=2.4.27<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0215 apache>=2.4<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0217 apache>=2.4<2.4.39 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-0220 ImageMagick6<6.9.10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714 ImageMagick<7.0.8.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714 sqlite3<3.25.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20505 sqlite3<3.25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20506 cups<2.2.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-4300 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10723 py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10856 libvirt>=4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3886 py27-trytond<4.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10868 poppler<0.81.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10871 poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10872 poppler<0.76.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10873 teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10877 teeworlds<0.7.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-10878 teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10879 roundup-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10904 py{27,34,35,36,37,38}-jinja2<2.8.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2016-10745 py{27,34,35,36,37,38}-jinja2<2.10.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10906 php{56,70,71,72,73}-roundcube-plugin-enigma-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10740 claws-mail-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10735 trojita-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10734 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10897 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10898 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10900 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10902 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11005 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11006 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11007 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11008 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11009 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11010 clamav>=0.101<0.101.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1785 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1786 clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787 clamav<0.100.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788 clamav>=0.101<0.101.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788 clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789 clamav>=0.101<0.101.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-1798 graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11023 libsixel<1.8.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11024 cacti<1.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11025 poppler<0.76.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11026 wget<1.20.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5953 samba>=4.9<4.10.2 information-disclosure https://www.samba.org/samba/security/CVE-2019-3870.html samba>=3.2.0<4.10.2 symlink-attack https://www.samba.org/samba/security/CVE-2019-3880.html php{56,70,71,72,73}-contao35<3.5.39 improper-session-handling https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10641 ruby22-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby23-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adobe-flash-player<32.0.0.171 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-19.html jenkins-lts<2.164.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/ jenkins<2.172 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/ gradle>=1.4<5.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-11065 wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9494 wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9495 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9496 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9497 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9498 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9499 apache-tomcat>=8.5.0<8.5.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199 apache-tomcat>=9.0.0<9.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199 webkit-gtk<2.24.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0002.html libxslt<1.1.34 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-11068 lighttpd<1.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11072 magento<1.9.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7139 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11221 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11222 gitea<1.8.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-11228 gitea<1.8.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11229 py{27,34,35,36,37,38}-urllib3<1.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11236 png<1.6.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14048 png<1.6.37 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14550 dovecot<2.3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10691 php{56,70,71,72,73}-contao35<3.5.37 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20028 wpa_supplicant<2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11555 libvirt<1.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10746 php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 py{27,34,35,36,37,38}-urllib3<1.24.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11324 ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg4<4.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11339 teamspeak-client<3.2.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11351 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5008 libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11372 libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11373 php{56,70,71,72,73}-drupal>=8<8.6.15 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-005 php{56,70,71,72,73}-drupal>=7<7.66 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006 php{56,70,71,72,73}-drupal>=8<8.6.15 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006 ekiga<3.3.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-1830 freeradius<3.0.19 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11234 freeradius<3.0.19 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11235 bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11371 py27-mercurial<4.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3902 jetty<9.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10241 jetty<9.2.27.20190418 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10247 evince-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11459 gnome-desktop<3.30.2.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11460 nautilus<3.30.6 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11461 lepton-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20819 lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20820 libsass<3.6.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20821 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20822 ImageMagick<7.0.8.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470 ImageMagick6<6.9.10.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470 ImageMagick<7.0.8.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472 ImageMagick<6.9.10.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11473 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11474 mariadb-server>=5.5<5.5.64 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=5.6<5.6.44 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=5.7<5.7.26 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=8.0<8.0.16 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL oracle-{jdk,jre}8<8.0.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA openjdk8<1.8.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11498 gst-plugins1-base<1.16.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9928 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11505 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11506 bind>=9.11<9.11.6pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743 bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743 bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2019-6467 firefox<58.0.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/ gitea<1.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11576 dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11577 dhcpcd<7.2.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11578 dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11579 bind>=9.6<9.11.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nss<3.39 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-12384 bugzilla<4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-5123 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597 ImageMagick6<6.9.10.42 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597 ImageMagick<7.0.8.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598 ImageMagick6<6.9.10.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598 memcached<1.5.14 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11596 filezilla<3.41.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-5429 dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11494 dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11499 npm<6.2.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-20834 ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10131 php71-exif<7.1.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 php72-exif<7.2.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 php73-exif<7.3.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 u-boot<2019.07 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11690 php{56,70,71,72,73}-imagick<3.4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11037 dhcpcd<7.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11766 kauth<5.55 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-7443 mpg123<1.25.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12839 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12805 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12806 haproxy<1.9.7 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11323 go-crypto<0.0.20190320 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11840 libreoffice<6.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9847 postgresql94-server<9.4.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql95-server<9.5.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql96-server<9.6.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql10-server<10.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql11-server<11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql95-server<9.5.17 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql96-server<9.6.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql10-server<10.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql11-server<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql91-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql92-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql93-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages u-boot<2019.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11059 sqlite3<3.28.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5018 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839 go-crypto<0.0.20190426 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11841 rust>=1.34<1.34.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-12083 adobe-flash-player<32.0.0.192 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-26.html xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-297.html xenkernel411<4.11.2 side-channel https://xenbits.xen.org/xsa/advisory-297.html samba>=4.0<4.10.3 invalid-validation https://www.samba.org/samba/security/CVE-2018-16860.html php{56,70,71,72,73}-drupal>=7<7.67 path-traversal https://www.drupal.org/SA-CORE-2019-007 php{56,70,71,72,73}-drupal>=8<8.6.16 path-traversal https://www.drupal.org/SA-CORE-2019-007 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12126 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12127 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12130 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-11091 capstone<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-7151 heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16860 heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12098 miniupnpd-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12107 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12108 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12109 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12110 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12111 rdesktop<1.8.5 multiple-vulnerabilities https://github.com/rdesktop/rdesktop/releases/tag/v1.8.5 webkit-gtk<2.24.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0003.html freeimage-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12211 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12212 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12213 freeimage-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12214 SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12216 SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12217 SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12218 SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12219 SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12220 SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12221 SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12222 php-[0-9]* security-bypass https://seclists.org/bugtraq/2019/May/52 caff<2.10 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12222 qemu<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12155 thunderbird-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269 seamonkey-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269 curl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435 gnurl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435 curl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436 gnurl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436 firefox<67.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/ cliqz<1.27.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/ firefox60<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/ thunderbird<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/ wordpress-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-6514 gcc48-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc49-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc5-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc6-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc7-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc8-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gzip<1.3.9 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2003-0367 ghostscript-agpl<9.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652 zookeeper<3.4.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0201 poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12293 wireshark<2.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 wireshark>=2.6<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 wireshark>=3.0<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 py{27,34,35,36,37,38}-buildbot<1.8.2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-12300 libwebp<0.5.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-9969 ampache-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18375 tor-browser<8.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12383 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12360 horde-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-9858 glib2>=2.15.0<2.60.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12450 gvfs<1.41.3 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-12448 gvfs<1.41.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12447 gvfs<1.41.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12449 apache-roller>=5.1<5.2.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2018-17198 apache-tomcat>=7.0.0<7.0.94 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 apache-tomcat>=8.5.0<8.5.40 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 apache-tomcat>=9.0.0.M1<9.0.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 sqlite3>=3.6.0<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12481 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12482 gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12483 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12493 gd<2.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php71-gd<7.1.30 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php72-gd<7.2.19 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php73-gd<7.3.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php71-iconv<7.1.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php72-iconv<7.2.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php73-iconv<7.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php71-exif<7.1.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 php72-exif<7.2.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 php73-exif<7.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 R-RSQLite-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12515 py{27,34,35,36,37,38}-django<1.11.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308 py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308 py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358 ffmpeg2<2.8.16 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 ffmpeg3<3.4.7 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 ffmpeg4<4.1.4 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 exim>=4.87<4.92 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10149 php{56,70,71,72,73}-phpmyadmin<4.9.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11768 php{56,70,71,72,73}-phpmyadmin<4.9.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12616 vim<8.1.1365 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12735 mantis<2.13.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2018-9839 py{27,34,35,36,37,38}-parso-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12760 py{27,34,35,36,37,38}-xdg<0.26 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12761 python34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19800 aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19802 aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19801 bind>=9.12<9.13 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python27<2.7.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python35-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python37<3.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 cyrus-imapd>=2.5<2.5.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356 cyrus-imapd>=3.0<3.0.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356 consul>=1.4<1.4.5 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291 consul>=1.5<1.5.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291 py{27,34,35,36,37,38}-twisted<19.2.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-12387 dbus<1.12.16 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12749 ruby{22,23,24,25,26}-ruby-openid-[0-9]* remote-unknown https://nvd.nist.gov/vuln/detail/CVE-2019-11027 radare2<3.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12790 adobe-flash-player<32.0.0.207 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-30.html gvfs<1.40.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12795 mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358 mediawiki<1.32.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12466 mediawiki<1.32.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12467 mediawiki<1.32.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12468 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12469 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12470 mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12471 mediawiki<1.32.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12472 mediawiki<1.32.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12473 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12474 vlc<3.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5439 mupdf<1.15.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7321 mupdf<1.15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12798 radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12802 radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12829 radare2<3.6.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12865 znc<1.7.3nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12816 php{56,71,72,73}-orangehrm<4.3.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12839 webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12840 py{27,34,35,36,37,38}-twisted-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12855 php{56,71}-concrete5<8.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19146 thunderbird<60.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/ vlc<3.0.7 multiple-vulnerabilities https://www.videolan.org/developers/vlc-branch/NEWS bash<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2012-6711 vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12874 firefox<67.0.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ cliqz<1.27.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ firefox60<60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ tor-browser<8.5.60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12435 samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12436 bind>=9.11<9.11.8 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bind>=9.12<9.12.4pl2 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bind>=9.14<9.14.3 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bzip2<1.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12900 libgcrypt<1.8.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-12904 firefox<67.0.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ cliqz<1.27.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ firefox60<60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ tor-browser<8.5.60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ thunderbird<60.7.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/ mantis<2.17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16514 apache-tomcat>=8.5.0<8.5.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072 apache-tomcat>=9.0.0.M1<9.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072 postgresql10-server<10.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164 postgresql11-server<11.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164 libvirt>=0.9.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10161 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10166 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10167 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10168 powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162 powerdns>=4.1.0<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162 powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163 powerdns>=4.1.0<4.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163 expat<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20843 xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12957 xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12958 binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12972 openjpeg<2.3.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-20845 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20847 moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.5<3.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.4<3.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.1<3.1.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20846 moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10154 ImageMagick<7.0.8.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974 ImageMagick6<6.9.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974 openjpeg<2.3.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12973 ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975 ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976 ImageMagick6<6.9.10.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977 moodle>=3.6<3.6.4 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.5<3.5.6 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.4<3.4.9 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.1<3.1.18 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12980 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12981 ming-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12982 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978 glib2<2.59.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13012 FlightCrew-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13032 irssi<1.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 irssi>=1.1.0<1.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 irssi>=1.2.0<1.2.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 ap{22,24}-auth-mellon-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-13038 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13072 grafana<6.2.5 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13068 tor-browser<9.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13075 matio<1.5.16 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13107 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13109 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13111 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13112 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13113 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13110 libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13117 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13114 libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13118 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13108 dosbox<0.74.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7165 dosbox<0.74.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12594 py{27,34,35,36,37,38}-django>=1.11<1.11.22 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 py{34,35,36,37,38}-django>=2.1<2.1.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 py{34,35,36,37,38}-django>=2.2<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 squirrelmail<1.4.23pre14832 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12970 libaudiofile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13147 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13134 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13133 ImageMagick<7.0.8.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135 ImageMagick6<6.9.10.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135 ImageMagick<7.0.8.50 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13136 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137 ImageMagick6<6.9.10.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137 virt-manager>=2.2.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10183 qemu<4.1.0 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13164 SDL2_image<2.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5052 SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5051 nsd<4.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13207 intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9872 intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9873 intellij-idea-ce<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9186 intellij-idea-ce<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9823 intellij-ue-bin<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10104 glpi<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13239 FlightCrew<0.9.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-13241 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13281 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13282 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13283 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13286 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13287 xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13288 xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13289 xpdf<4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13291 mupdf<1.15.0nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13290 unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13232 squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13345 ffmpeg4<4.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13312 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310 ImageMagick<7.0.8.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311 ImageMagick6<6.9.10.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13303 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13302 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13298 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13299 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13301 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13296 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295 ffmpeg3<3.4.7 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390 ffmpeg4<4.2.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391 libtomcrypt<1.18.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0739 gnupg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050 gnupg2<2.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050 ImageMagick<7.0.8.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454 ImageMagick6<6.9.10.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454 php{56,70,71,72}-contao44<4.4.39 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11512 zeromq<4.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13132 firefox<68.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/ cliqz<1.28.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/ firefox60<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ tor-browser<8.5.60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ php<7.0.18 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7189 png<1.6.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-12652 oniguruma<6.9.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13224 oniguruma<6.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13225 glpi<9.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13240 exiv2<0.27.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13504 asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html apache-roller<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0234 slurm-wlm<18.08.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12838 kafka>=0.11.0.0<2.1.1 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17196 redis<5.0.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10192 redis<5.0.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10193 gitea<1.7.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010314 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010315 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010317 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010319 squid<4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-12525 squid<4.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12527 squid<4.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12529 glpi<9.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010310 python27<2.7.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python34<3.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python35<3.5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python36<3.6.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python37<3.7.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13590 sox-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010004 evince<3.28.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010006 vlc<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13602 libmspack<0.10alpha buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010305 thunderbird<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/ ruby{22,23,24,25,26}-mini-magick<4.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13574 rust<1.30.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-1010299 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010301 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010302 glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010307 cfitsio<3.43 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010060 libssh2<1.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13115 libebml<1.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13615 SDL<1.2.15nb31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616 gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13618 libreoffice<6.2.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9848 libreoffice<6.2.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9849 jenkins-lts<2.176.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/ jenkins<2.186 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/ nfdump<1.6.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010057 py{27,34,35,36,37,38}-flask<1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010083 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13626 wireshark<2.4.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 wireshark>=2.6<2.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 wireshark>=3.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 patch-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-13636 sleuthkit<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010065 abcm2ps<8.13.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010069 gitea<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010261 salt<2019.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-1010259 vlc<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13962 mongodb<3.0.7 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2015-7882 scapy<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010142 pango<1.42.4nb5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1010238 proftpd<1.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12815 oracle-{jdk,jre}8<8.0.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA openjdk8<1.8.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA poppler<0.79.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9959 haproxy>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241 haproxy>=1.9<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241 binutils>=2.21<2.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010220 cherokee-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010218 nasm<2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14248 binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14250 libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14249 mpg321-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14247 mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010189 mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010190 mysql-server>=5.6<5.6.45 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mysql-server>=5.7<5.7.27 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mysql-server>=8.0<8.0.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL zstd<1.3.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11922 exim>=4.85<4.92.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13917 mcpp-[0-9]* multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-14274 fig2dev-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14275 openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13057 openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13565 patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13638 upx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14296 upx-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14295 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14293 xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14294 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14292 xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14288 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14291 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14290 xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14289 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14368 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14369 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14370 ioquake3-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010043 ruby{22,23,24,25,26}-yard<0.9.20 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-1020001 u-boot<2019.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13103 jabberd<=2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages freetype2<2.6.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2015-9290 cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-14318 libopenmpt<0.4.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14381 binutils<2.33 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14444 openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt ansible>=2.0<2.6.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 ansible>=2.7<2.7.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 ansible>=2.8<2.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14382 libopenmpt<0.3.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20861 libopenmpt<0.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14380 libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14383 Sigil<0.9.16 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14452 yarn<1.17.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-5448 php{56,70,71,72}-nextcloud<15.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5449 vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5460 vlc<3.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-5459 u-boot<2019.10 multiple-vulnerabilities https://blog.semmle.com/uboot-rce-nfs-vulnerability/ yara<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5020 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5057 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5058 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5059 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5060 pixman<0.32.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5297 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10187 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10188 moodle<3.7.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10186 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10189 schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14465 nfdump<1.6.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14459 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14464 libopenmpt<0.3.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20860 gdb-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010180 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14486 opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491 poppler<0.79.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14494 3proxy<0.8.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14495 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14468 opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492 opencv<3.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493 opencv>=4.0<4.1.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14496 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14497 dnsmasq<2.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14513 py{27,34,35,36,37,38}-django>=1.11<1.11.23 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ py{34,35,36,37,38}-django>=2.1<2.1.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ py{34,35,36,37,38}-django>=2.2<2.2.4 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14528 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14531 sleuthkit-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-14532 schismtracker<20190805 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2019-14523 schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14524 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14541 seamonkey-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664 thunderbird-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14662 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14663 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14665 subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2019-0203 subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2018-11782 elasticsearch<6.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614 elasticsearch>=7.0.0<7.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614 mariadb-server>=5.5<5.5.65 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mongodb<3.4.22 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386 mongodb>=4<4.0.9 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386 u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13104 u-boot<2019.07 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-13105 u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13106 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14690 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14691 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14692 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14732 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14733 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14734 kconfig<5.61.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14744 radare2<3.7.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14745 postgresql94-server<9.4.24 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql95-server<9.5.19 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql96-server<9.6.15 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql10-server<10.10 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql11-server<11.5 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql11-server<11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10209 php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 ruby{22,23,24,25,26}-nokogiri<1.10.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-5477 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14982 ImageMagick6<6.9.10.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980 ImageMagick<7.0.8.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980 ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981 ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216 go111<1.11.13 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809 go112<1.12.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 libexosip<5.0.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-10375 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14973 mupdf<1.16.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14975 apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10081 apache>=2.4<2.4.41 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10082 apache>=2.4<2.4.41 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10092 apache>=2.4<2.4.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10097 apache>=2.4<2.4.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10098 gradle<5.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15052 firefox<68.0.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/ cliqz<1.28.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/ squid>=4<4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12854 wpa_supplicant<2.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-13377 patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20969 webmin>=1.882<1.930 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15107 libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9850 libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9851 libreoffice<6.2.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9852 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8675 cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8696 zabbix-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15132 giflib<5.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15133 ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139 ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139 ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140 ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140 ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141 ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15142 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15143 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15144 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15145 adplug<2.3.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-15151 ruby{22,23,24,25,26}-rest-client>=1.6.10<1.6.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15224 webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15231 php{56,70,71,72,73}-roundcube-[0-9]* homograph-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15237 faad2<2.8.8nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15296 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14437 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14438 vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14498 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14533 vlc<3.0.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14534 vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14535 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14776 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14777 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14778 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14970 sphinxsearch-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14511 mantis<2.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15074 py{27,34,35,36,37,38}-nltk<3.4.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14751 ampache<4.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12386 ampache<4.0.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12385 php{56,71,72,73}-tiki6-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15314 py{27,34,35,36,37,38}-httpie<1.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10751 libextractor<1.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15531 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 trafficserver>=6.0.0<7.1.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 trafficserver>=8.0.0<8.0.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 trafficserver>=6.0.0<7.1.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079 trafficserver>=8.0.0<8.0.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079 qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14378 webkit-gtk<2.24.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0004.html irssi>=1.2.0<1.2.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15717 inspircd>=3.0.0<3.1.0 use-after-free https://docs.inspircd.org/security/2019-01/ inspircd<2.0.28 null-pointer-dereference https://docs.inspircd.org/security/2019-02/ inspircd>=3.0.0<3.3.0 null-pointer-dereference https://docs.inspircd.org/security/2019-02/ grafana<6.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15043 php{56,70,71,72,73}-contao35-3.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jasper<2.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232 webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15641 webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15642 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13451 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13452 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13273 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13455 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13274 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13486 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13484 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13485 jenkins-lts<2.176.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/ jenkins<2.191 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/ nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18594 gnuchess-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15767 dovecot<2.3.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500 dovecot-pigeonhole<0.5.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500 teamspeak-client<3.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15502 memcached<1.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15026 gcc7-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847 gcc8-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847 freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9381 freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9382 freetype2<2.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9383 samba>=4.9<4.10.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10197 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817 xpdf>=2.0<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15860 varnish<6.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15892 expat<2.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15903 poppler<0.66.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21009 seamonkey<2.49.5 multiple-vulnerabilities http://www.seamonkey-project.org/releases/seamonkey2.49.5/ firefox<69.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/ cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/ firefox68<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/ firefox60<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/ tor-browser<8.5.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/ asterisk>=15.0<15.7.4 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html asterisk>=16.0<16.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html asterisk>=13.0<13.28.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html asterisk>=16.0<16.5.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813 openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21010 exim<4.92.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15846 qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15890 opencv<3.4.8 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-15939 ffmpeg4<4.2.1 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-15942 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15945 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15946 bitcoin<0.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15947 php56-http<2.6.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398 php{70,71,72,73}-http>=3.0.0<3.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398 python27<2.7.17 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python35-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python36<3.6.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python37<3.7.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16088 libreoffice<6.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9854 libreoffice<6.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9855 kilo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16096 imapfilter-[0-9]* ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-10937 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16115 bird>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird6>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird6>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 oniguruma<6.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16163 cflow-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16165 cflow-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16166 sqlite3>=3.8.5<3.30.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16168 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812 openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt wpa_supplicant<2.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16275 curl>=7.52.0<7.66.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5481 curl>=7.19.4<7.66.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5482 ruby{22,23,24,25,26,27,30}-padrino-contrib<0.2.0nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16145 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16224 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16225 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16226 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16227 py{27,34,35,36,37,38}-lmbd-[0-9]* divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16228 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16217 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16218 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16219 wordpress<5.2.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-16220 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16221 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16222 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16223 opencv>=4.0<4.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16249 opendmarc-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-16378 thunderbird<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/ ibus<1.5.21 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14822 php{56,70,71,72,73}-phpmyadmin<4.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12922 php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13363 php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13364 adobe-flash-player<32.0.0.255 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-46.html picoc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16277 asterisk>=14<15 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<2.6.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319 wireshark>=3.0<3.0.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21015 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21016 gpac<0.8.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21017 gradle<6.0 weak-hash https://nvd.nist.gov/vuln/detail/CVE-2019-16370 openconnect<8.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16239 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16395 gnucobol-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16396 mosquitto>=1.6.0<1.6.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-11778 mosquitto>=1.5.0<1.5.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779 mosquitto>=1.6.0<1.6.6 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779 grafana<6.2.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15635 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16705 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710 ImageMagick<7.0.8.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711 ImageMagick6<6.9.10.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711 ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712 ImageMagick6<6.9.10.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712 ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16713 hunspell<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16707 radare2<3.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16718 cacti<1.2.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-16723 go112<1.12.10 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16276 thunderbird<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-30/ firefox<69.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/ cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/ thunderbird<68.1.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-32/ jenkins-lts<2.176.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/ jenkins<2.197 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/ unbound<1.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16866 qemu<4.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-12068 e2fsprogs<1.45.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5094 libgcrypt<1.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13627 glpi<9.4.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14666 ruby{22,24,25,26}-zip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16892 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-16738 mbedtls<2.19.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-16910 libreoffice<6.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9853 exim>=4.92<4.92.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16928 py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16925 py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16926 xpdf<4.02 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16927 xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17064 python27<2.7.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 python36<3.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 python37<3.7.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 rust<1.26.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16760 putty<0.73 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-17068 putty<0.73 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17069 pycharm-bin<2019.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14958 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10103 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10105 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14461 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14462 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14463 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14464 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14465 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14466 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14467 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14468 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14469 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14470 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14879 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14880 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14881 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14882 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16227 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16228 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16229 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16230 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16300 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16301 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16451 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16452 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15166 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15167 libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15161 libpcap<1.9.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15162 libpcap<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15163 libpcap<1.9.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-15164 libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15165 libopenmpt<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17113 freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17177 py{27,34,35,36,37}-Pillow<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16865 libsoup<2.68.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17266 p5-libapreq2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12412 libtomcrypt<1.18.2nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17362 gif2png<3.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17371 zabbix-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17382 exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17402 mantis<2.22.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15715 ruby{22,24,25,26}-netaddr<2.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-17383 ruby{22,24,25,26}-redmine<3.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17427 binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17450 binutils<2.34 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17451 libntlm<1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17455 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17533 py{27,34,35,36,37,38}-graphite-web-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-18638 ImageMagick<7.0.8.54 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17540 ImageMagick<7.0.8.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541 ImageMagick6<6.9.10.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541 ImageMagick<7.0.8.62 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17547 ffmpeg3<3.4.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539 ffmpeg4<4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539 ffmpeg2<2.8.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 ffmpeg3<3.4.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 ffmpeg4<4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 lz4<1.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17543 aspell<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17544 gdal-lib<3.0.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-17545 tiff<4.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17546 sudo<1.8.28 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14287 nostromo<1.9.6nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16278 nostromo<1.9.6nb2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16279 ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594 ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594 ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595 ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595 ruby{22,24,25,26}-haml<5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1002201 rabbitmq<3.7.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11281 py{27,36,37,38}-reportlab<3.5.27 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-17626 oracle-{jdk,jre}8<8.0.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA openjdk11<1.11.0.5 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA mysql-server>=5.6<5.6.46 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL mysql-server>=5.7<5.7.28 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL mysql-server>=8.0<8.0.18 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL bind>=9.14<9.14.7 security-bypass https://kb.isc.org/docs/cve-2019-6475 bind>=9.14<9.14.7 denial-of-service https://kb.isc.org/docs/cve-2019-6476 wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17669 wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17670 wordpress<5.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17671 wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17672 wordpress<5.2.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-17673 wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17674 wordpress<5.2.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17675 ansible<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14846 doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15900 doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15901 libxslt<1.1.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18197 proftpd<1.3.6b remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18217 t1lib-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox68<68.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/ tor-browser<9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/ firefox<70.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/ cliqz<1.30.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/ thunderbird<68.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/ xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-296.html xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-296.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html xenkernel411<4.11.2nb2 privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html ikiwiki<3.20101112 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2010-1673 ikiwiki<3.20110122 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-0428 ikiwiki<3.20110608 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-1408 chicken<4.8.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6122 chicken<4.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-6123 chicken<4.8.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2012-6124 chicken<4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6125 chicken<4.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2024 chicken<4.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-2075 webkit-gtk<2.26.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0005.html elasticsearch<6.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7619 file-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-18218 freetds<1.1.20 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13508 go112<1.12.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17596 haproxy<2.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18277 isc-dhcpd<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6470 libarchive<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18408 libidn2<2.2.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12290 libidn2<2.1.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18224 libssh2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17498 libvncserver-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15681 magento<1.9.4.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.1<2.1.17 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.2<2.2.8 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.3<2.3.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18359 openafs<1.6.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601 openafs>=1.7<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601 openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602 openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602 openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603 openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603 php71-fpm<7.1.33 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 php72-fpm<7.2.24 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 php73-fpm<7.3.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 py{27,34,35,36,37,38}-notebook<5.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-21030 python27<2.7.18 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python36<3.6.11 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python37<3.7.8 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python38<3.8.3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 qt5-qtbase<5.12.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18281 ruby{22,23,24,25,26}-loofah<2.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15587 thrift<0.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0205 thrift<0.13.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-0210 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8287 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15678 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15679 tightvnc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15680 unoconv<0.9 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17400 mediawiki<1.18.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0046 mediawiki<1.20.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1951 magento<1.9.4.3 multiple-vulnerabilities https://magento.com/security/patches/supee-11219 MesaLib<19.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5068 clamav<0.101.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12625 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18797 libsass<3.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18798 libsass<3.6.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18799 samba>=4.0<4.10.10 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10218 samba>=4.0<4.10.10 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2019-14833 samba>=4.0<4.10.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14847 mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1930 mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1931 mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1932 mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1934 zoo-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2005-2349 snoopy<2.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2002-2444 py{24,25,26,27,31}-keyring<0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5577 libytnef-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2009-3887 mapserver<5.6.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2010-1678 py{26,27,34,35,36}-mercurial<1.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2010-4237 bitlbee<3.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1187 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0206 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0207 transmission<1.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0748 transmission<1.92 unspecified https://nvd.nist.gov/vuln/detail/CVE-2010-0749 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5331 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5332 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5333 nsd<3.2.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2979 miniupnpd<1.8.20130607 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-2600 evince<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-3718 minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2738 minidlna<1.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-2739 archivemail<0.7.0 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2006-4245 clamav<0.100.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2007-0899 gdm-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-1000002 konversation<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2009-5050 mutt<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-2351 php{56,70,71,72,73}-gettext<1.0.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8980 py{25,26,27,31,32}-pip<1.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-5123 py{26,27,32,33}-scipy<0.12.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2013-4251 ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6460 ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6461 slim<1.3.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2013-4412 smokeping<2.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4168 sudo<1.7.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2005-4890 xlockmore-[0-9]* unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0061 xlockmore<5.24 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0062 openttd<1.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0049 tahoe-lafs<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-0051 djvulibre-lib-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18804 viewvc-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2007-5743 clamav<0.91.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2007-6745 gri<2.12.18 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2008-7291 gource-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2010-2449 shibboleth-sp<2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2010-2450 mantis<1.2.13 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2013-1811 fribidi<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18397 webkit-gtk<2.26.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0006.html magento>=2.2<2.2.10 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update magento>=2.3<2.3.3 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update mantis<1.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2009-2802 tnef<1.4.18 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-18849 ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18853 libjpeg-turbo<2.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-2201 py{27,36,37,38}-psutil-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-18874 py{26,27,32,33}-twisted<14.0.1 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-7143 ghostscript-agpl<9.50nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14869 ettercap<0.7.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3844 offlineimap<6.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4532 offlineimap<6.3.4 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4533 poppler<0.16.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2010-4654 poppler<0.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-4653 consolekit<0.4.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2010-4664 intel-microcode-netbsd<20191115 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-11135 intel-microcode-netbsd<20191115 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11139 cyrus-imapd>=2.5<2.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928 cyrus-imapd>=3.0<3.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928 oniguruma>=6.0<6.9.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19012 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19035 xfce4-thunar<1.3.1 format-string https://nvd.nist.gov/vuln/detail/CVE-2011-1588 rsyslog<5.7.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2011-1488 rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1489 rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1490 php{56,70,71,72,73}-drupal>=7<7.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2726 chrony<1.29.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0021 perdition<2.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-4584 unixodbc<2.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2011-1145 sniffit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5439 unbound<1.9.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-18934 foomatic-rip<4.0.0 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2923 foomatic-rip<4.0.10 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2924 php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4454 php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4455 ansible<2.6.19 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10206 ansible<2.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10217 ansible<2.6.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14856 asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=16.0<16.6.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=17.0<17.0.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=13.0<13.29.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=16.0<16.6.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=17.0<17.0.1 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-008.html bind>=9.11<9.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477 bind>=9.14<9.14.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477 gnome-font-viewer-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19308 haproxy<2.0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19330 jetty>=9.4.23.20191118<9.4.24.20191120 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17632 libarchive<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19221 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19203 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19204 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19246 phpmyadmin<4.9.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18622 powerdns<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203 powerdns>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203 proftpd<1.3.6c verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19270 proftpd<1.3.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19271 proftpd<1.3.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19272 py{27,36,37,38}-ecdsa<0.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14853 py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19274 py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19275 rabbitmq<3.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11287 rabbitmq<3.7.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11291 ruby24-base<2.4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby25-base<2.5.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby26-base<2.6.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby24-base<2.4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby25-base<2.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby26-base<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby24-base<2.4.8 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby25-base<2.5.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby26-base<2.6.5 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby24-base<2.4.8 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby25-base<2.5.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby26-base<2.6.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby{22,24,25,26}-redmine<3.3.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18890 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19242 sqlite3<3.31.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-19244 squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12523 squid<4.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12526 squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-18676 squid<4.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18677 squid<4.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18678 squid<4.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18679 9base-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1935 chicken<4.9.0.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-6310 claws-mail-vcalendar<2.0.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5527 evolution-data-server<3.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-3355 gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1606 gnupg<1.4.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607 gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607 ikiwiki<3.20150329 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2793 lilo>=23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-1934 mediawiki<1.20.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1816 mediawiki<1.20.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-1817 moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1155 moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1156 moodle<2.2.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1168 nss<3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5285 patch<2.7.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-1396 php{53,54}-owncloud<4.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-0203 phpldapadmin<0.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-4082 py{24,25,26,27,31}-keyring<0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-5578 py{26,27,32,33,34}-rply<0.7.4 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1938 py27-trytond<2.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-2238 py27-xml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0877 python27<2.7.13 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python34<3.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python35<3.5.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python36<3.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 quagga-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5521 ruby{22,24,25,26}-net-ldap<0.16.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2014-0083 tahoe-lafs<1.8.3 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2011-3617 thttpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5640 vsftpd<2.3.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2523 wide-dhcpv6-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2011-2717 xscreensaver<5.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2187 yaws<1.92 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2011-4350 libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9232 libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9325 libvpx<1.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9371 libvpx<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9433 libpurple-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1257 py{34,35,36,37,38}-django>=2.1<2.1.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 py{34,35,36,37,38}-django>=2.2<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 clamav<0.102.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15961 firefox<71.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/ firefox68<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/ tor-browser<9.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/ php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18345 php{56,71,72,73}-davical<1.1.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18346 php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18347 dia<0.97.3nb21 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19451 fig2dev-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19555 freeradius>=3.0.0<3.0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13456 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19479 opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19480 opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19481 proftpd<1.3.6c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19269 rabbitmq-c<0.10.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18609 zabbix-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-7484 xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-304.html xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-304.html xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-305.html xenkernel411<4.11.2nb1 side-channel https://xenbits.xen.org/xsa/advisory-305.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html xenkernel411<4.11.2nb3 privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html wireshark<2.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553 wireshark>=3.0.0<3.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553 radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19590 py{27,36,37,38}-validators<0.12.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19588 minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2745 ap{22,24}-fcgid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000104 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19317 phpmyadmin<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-19617 ruby{22,24,25,26}-puma<3.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16770 openssl<1.0.2u integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551 openssl>=1.1.0<1.1.1e integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19624 openslp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5544 htmldoc-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19630 libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19635 libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19636 libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19637 libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19638 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19647 yara-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19648 ruby{22,24,25,26}-base-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-3624 sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19603 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19645 sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19646 samba>=4.0<4.10.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14861 samba>=4.0<4.10.11 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14870 php-7.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libssh<0.8.8 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889 libssh>=0.9<0.9.3 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889 git-base<2.23.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604 git-base>=2.24<2.24.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604 yabasic<2.86.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19720 yabasic<2.86.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19796 libxslt<1.1.34 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2019-5815 xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-307.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-307.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-308.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-308.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-309.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-309.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19746 cacti<1.2.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-17358 spamassassin<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12420 npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16775 npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16776 npm<6.13.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16777 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19777 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19778 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19785 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19786 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19787 dovecot2<2.3.9.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19722 samurai<1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19795 bash<5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18276 cyrus-imapd<2.5.15 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783 cyrus-imapd>=3.0<3.0.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783 cyrus-sasl<2.1.27nb1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19906 fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19797 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348 git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349 git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349 git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350 git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 libgit2<0.99 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387 git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387 go-dns<1.1.25 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-19794 knot<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19331 libspiro-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19847 mediawiki-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19709 nethack-lib<3.6.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19905 py{27,34,35,36,37,38}-django>=1.11<1.11.27 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 py{34,35,36,37,38}-django>=2.1<2.1.15 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 py{34,35,36,37,38}-django>=2.2<2.2.9 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 ruby{22,24,25,26}-rack16<1.6.12 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782 ruby{22,24,25,26}-rack<2.0.8 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19880 sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19232 sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19234 php{56,71,72,73}-typo3<8.7.30 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-19848 php{56,71,72,73}-typo3<8.7.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19849 php{56,71,72,73}-typo3<8.7.30 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-19850 yarn<1.21.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10773 thunderbird<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/ nss<3.47.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11745 nss<3.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17007 py{27,36,37,38}-ecdsa<0.13.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14859 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11805 ImageMagick6<6.8.8.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2014-8561 duplicity<0.6.21 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2014-3495 erlang-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000107 kde-workspace4<4.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2013-4133 mcollective-[0-9]* insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2014-0175 mediawiki<1.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4303 orca-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-4245 p5-DBD-PgPP<0.06 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2014-7257 p5-Data-UUID-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2013-4184 p5-Module-Signature<0.74 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-3406 pen<0.22.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-2387 ruby{22,24,25,26}-puppet>=6<6.4.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2018-11751 smokeping<2.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4158 xerces-c-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1311 yaws<2.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000108 php56-typo3<8.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages lout-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19917 lout-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19918 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16785 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16786 libgnome-keyring<3.10.0 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2012-6111 gnutls<3.2.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2015-8313 libreoffice<6.4.4 remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2012-5639 php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 access-bypass https://www.drupal.org/SA-CORE-2019-008 php{56,70,71,72,73,74}-drupal>=8<8.7.11 denial-of-service https://www.drupal.org/SA-CORE-2019-009 php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-010 php{56,70,71,72,73,74}-drupal>=8<8.7.11 access-bypass https://www.drupal.org/SA-CORE-2019-011 php{56,70,71,72,73,74}-drupal>=7<7.69 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012 php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012 php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.3<7.3.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049 php>=7.4<7.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049 php72-bcmath<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php73-bcmath<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php74-bcmath<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19926 apache-tomcat>=7.0.0<7.0.99 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=8.5.0<8.5.49 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=9.0.0<9.0.29 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=7.0.0<7.0.99 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat>=8.5.0<8.5.49 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat>=9.0.0<9.0.29 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-tomcat-8.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages GraphicsMagick<1.3.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19950 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19951 GraphicsMagick<1.3.34 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19953 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948 ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949 ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949 ImageMagick<7.0.9.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19952 libxml2<2.9.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-19956 sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19923 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19924 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19925 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15691 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15692 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15693 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15694 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15695 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16780 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16781 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20041 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20042 wordpress<5.3.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-20043 libesmtp-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19977 py{27,36,37,38}-waitress<1.4.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16789 ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20005 ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20006 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20007 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20022 libsixel<1.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20023 libsixel<1.8.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20024 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20017 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20018 matio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20019 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20020 upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20021 thttpd-[0-9]* buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2007-0158 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20051 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20053 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20056 libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20094 podofo<0.9.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20093 vim<8.1.2136 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20079 libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20140 qemu<1.5.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2013-2016 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20159 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20160 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20161 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20162 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20163 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20164 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20165 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20166 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20167 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20168 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20169 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20170 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20171 pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20176 ezxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20198 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20199 ezxml-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20200 ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20201 ezxml-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2019-20202 tiff<3.7.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2004-0804 cups-base<2.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-2228 ansible>=2.9<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 ansible>=2.8<2.8.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 ansible>=2.7<2.7.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 libsixel<1.8.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20205 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20208 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20218 opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5063 opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5064 py{27,36,37,38}-Pillow<6.2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5310 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5311 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5312 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5313 tigervnc<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-0011 qemu<2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4532 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19959 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20334 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5496 fontforge-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-5395 py{27,36,37,38}-Pillow<6.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19911 firefox<72.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/ firefox68<68.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/ tor-browser<9.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/ firefox<72.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ firefox68<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ tor-browser<9.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ gnutls<3.6 signature-forgery https://mail.gnome.org/archives/desktop-devel-list/2020-January/msg00002.html gnupg-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855 gnupg2<2.2.18 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855 thunderbird<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/ #KeePass-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20184 ansible<1.5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2686 bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6162 bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6835 curl<7.68.0 remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2019-15601 dnsmasq<2.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14834 e2fsprogs<1.45.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5188 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20378 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20379 gcpio<2.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-14866 glib2>=2.60<2.63.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-6750 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6630 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6631 cacti<1.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-7106 delegate-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-7556 firefox36<3.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-2670 fwknop<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-4434 hiredis<0.14.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7105 isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2748 isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2749 jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6624 jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6625 kafka<2.0.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12399 libmysofa<0.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20016 libmysofa<0.8 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-20063 libmysofa<1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6860 libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8366 libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8367 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6628 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6629 moodle<2.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-0797 moodle<3.7.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14879 mysql-client<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-client>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA openjdk11<1.11.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20352 nginx<1.16.1nb2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372 nginx>=1.17<1.17.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372 ntp-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5209 openjpeg<2.3.1nb3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-6851 pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2325 pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2326 php{56,70,71}-concrete5<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-3183 php{56,71,72,73}-tiki6<6.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4336 phpmyadmin<4.9.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-5504 poppler<0.21.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2142 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7039 salt<2019.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-17361 slurm-wlm<18.08.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-19727 slurm-wlm<18.08.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19728 spamdyke<4.2.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0070 wireshark>=3.2.0<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7044 wireshark>=3.0.0<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7045 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16773 wordpress<5.3.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-16788 p5-Template-Toolkit<3.004 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19781 mariadb-server>=5.5<5.5.66 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2974 mariadb-client>=5.5<5.5.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-2574 cacti<1.2.9 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7237 cacti<1.2.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-17357 samba>=4.9<4.11.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19344 samba>=4.0<4.11.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14907 samba>=4.0<4.11.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-14902 libxml2<2.9.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20388 libxml2<2.9.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7595 webkit-gtk<2.26.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0001.html vault>=0.11.0<1.3.2 operation-on-expired-resource https://nvd.nist.gov/vuln/detail/CVE-2020-7220 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16792 webkit-gtk<2.14.0 multiple-vulnerabilities https://www.webkitgtk.org/security/WSA-2016-0006.html freeciv-server<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6083 qemu<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5239 qemu<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5745 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278 libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5334 libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5333 slurm-wlm<18.08.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6438 jenkins-lts<2.204.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/ jenkins<2.219 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/ aspell>=0.60<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20433 consul<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7219 consul<1.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7955 exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20421 magento<1.9.4.4 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-02.html mbedtls<2.16.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-18222 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5209 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5210 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5211 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5212 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5213 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5214 openjpeg<2.3.1nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8112 py{27,36,37,38}-feedgen<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5227 python27<2.7.18nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python36<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python37<3.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python38<3.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1930 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1931 sudo<1.8.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18634 u-boot<2020.04 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-8432 opensmtpd<6.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7247 php{53,54,55}-owncloud<5.0.15 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050 php{53,54,55}-owncloud>=6<6.0.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050 php{56,71,72,73,74}-tiki6-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-4558 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9625 vlc<2.1.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2014-9626 vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9627 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9628 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9629 vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9630 lldpd<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8011 lldpd<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8012 opensc-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2013-1866 p5-File-Temp-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116 perl-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116 p5-Module-Metadata<1.000015 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-1437 pwgen-[0-9]* weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2013-4441 py{26,27,33,34}-tornado<3.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9720 qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9541 librsvg<2.40.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446 librsvg>=2.41<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-1711 py{27,34,35,36,37,38}-django>=1.11<1.11.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471 py{34,35,36,37,38}-django>=2.2<2.2.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471 py{27,36,37,38}-waitress>=1.4.2<1.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5236 pppd>=2.4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8597 qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0569 qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0570 mariadb-server>=10.4.7<10.4.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7221 ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523 ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523 ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524 ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524 clamav<0.102.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3123 evolution-data-server<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4166 ipmitool<1.8.19 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5208 libvncserver<0.9.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2010-5304 mcabber<1.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-9928 nghttp2<1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1544 nodejs<10.19.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs>=12<12.15.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs>=13<13.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs<10.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs>=12<12.15.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs>=13<13.8.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs<10.19.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 nodejs>=12<12.15.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 nodejs>=13<13.8.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 npm-[0-9]* modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2020-8116 phppgadmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10784 #python27-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs #python36-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs #python37-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8608 squid<4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12528 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8449 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8450 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8517 zabbix-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2013-3628 php{56,72,73,74}-nextcloud<15.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-15612 php{56,72,73,74}-nextcloud<17.0.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15613 php{56,72,73,74}-nextcloud<17.0.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15616 php{56,72,73,74}-nextcloud<17.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-15617 php{56,72,73,74}-nextcloud<15.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15618 php{56,72,73,74}-nextcloud<16.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15619 php{56,72,73,74}-nextcloud<16.0.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-15621 php{56,72,73,74}-nextcloud<16.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15623 php{56,72,73,74}-nextcloud<15.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15624 php{56,72,73,74}-nextcloud<14.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8117 php{56,72,73,74}-nextcloud<16.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8118 php{56,72,73,74}-nextcloud<17.0.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8119 php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8121 php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8122 nodejs-8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages go112<1.12.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919 go113<1.13.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919 moodle<3.7.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14880 moodle>=3.7<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14881 moodle<3.7.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14882 moodle<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14883 moodle<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14884 moodle>=3.8<3.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-1691 php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14904 ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14905 libexif<0.6.21nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9278 php56-orangehrm-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1353 php{56,72,73,74}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8089 gd<2.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14553 dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7046 dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7957 weechat<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8955 adobe-flash-player<32.0.0.255 type-confusion https://helpx.adobe.com/security/products/flash-player/apsb20-06.html echoping-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4448 lvm2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8991 pcre2<10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20454 firefox<73.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/ cliqz<1.33.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/ tor-browser<9.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/ firefox68<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/ thunderbird<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/ postgresql96-server<9.6.17 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql10-server<10.12 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql11-server<11.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql12-server<12.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql94-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages webkit-gtk<2.26.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0002.html moodle<3.7.2 information-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-1692 horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8518 zabbix<2.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-3738 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6022 kdeplasma-addons4-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2013-2213 kdeplasma-addons4<4.10.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2013-2120 libarchive<3.4.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-9308 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8128 cacti<1.2.10 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8813 go-crypto<0.0.20200221 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9283 proftpd<1.3.6c out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9272 proftpd<1.3.6c remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9273 ruby{22,24,25,26}-puppet>=6<6.13.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7942 py{27,36,37,38}-yaml>=5.1<5.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20477 py{27,36,37,38}-ruamel-yaml-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20478 sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9327 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4658 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4659 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4660 ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4966 ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4967 curl<7.49.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-4606 jasper<1.900.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8751 libaudiofile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7747 netsurf<2.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0844 openjpeg<2.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3182 php{53,54,55}-owncloud<5.0.15 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052 php{53,54,55}-owncloud>=6<6.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052 php{54,55,56}-owncloud<8.0.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2015-4715 php>=5.6<5.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3622 python27<2.7.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-4650 rrdtool<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6262 ruby{193,200}-nokogiri<1.5.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2012-6685 varnish<3.0.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2013-4090 apache-tomcat>=7.0.98<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=8.5.48<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=7.0.0<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 apache-tomcat>=8.5.0<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 pure-ftpd-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9365 screen>=4.2.0<4.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9366 sympa>=6.2.38<6.2.54 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9369 yarn<1.22.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8131 zsh<5.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-20044 opensmtpd<6.6.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-8793 opensmtpd<6.6.4 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8794 pam-radius-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-9542 pure-ftpd-[0-9]* uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-9274 gd<2.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6363 apache-tomcat>=7.0.0<7.0.100 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 apache-tomcat>=8.5.0<8.5.51 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 apache-tomcat>=9.0.28<9.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 php>=7.3<7.3.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061 php>=7.4<7.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061 php>=7.2<7.2.28 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.3<7.3.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.4<7.4.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.2<7.2.28 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 php>=7.3<7.3.15 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 php>=7.4<7.4.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 ruby{22,24,25,26}-puma<4.3.2 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5247 wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.2.0<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-9429 wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark<2.6.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 wireshark>=3.0.0<3.0.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 wireshark>=3.2.0<3.2.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 qt5-qtwebsockets-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21035 ruby{22,24,25,26}-puma<4.3.3 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5249 webkit-gtk<2.28.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10018 ansible-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1734 py{27,34,35,36,37,38}-django>=1.11<1.11.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 py{34,35,36,37,38}-django>=2.2<2.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 py{34,35,36,37,38}-django>=3.0<3.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 qemu<4.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20382 py{27,34,35,36,37,38}-urllib3>=1.25.2<1.25.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7212 sleuthkit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10232 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10233 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1737 firefox<74.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/ cliqz<1.34.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/ firefox68<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/ tor-browser<9.0.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/ thunderbird<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/ ImageMagick6<6.9.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251 ImageMagick<7.0.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251 ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1733 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1735 ansible<2.9.12 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-1736 ansible<2.9.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1738 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1739 ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1740 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1753 bitcoin<0.17.1 log-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20586 icu<67.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10531 nethack-lib<3.6.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-5253 nethack-lib>=3.6.1<3.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-5254 gthumb<3.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20326 nagios-nrpe<4.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-6581 nagios-nrpe<4.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6582 npm<6.14.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7598 npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7608 ruby{22,24,25,26,27}-puppet<6.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7943 py{27,34,35,36,37}-twisted<16.3.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000111 py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10108 py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10109 python27<2.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1753 qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15034 tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19325 yarn<1.19.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15608 tor<0.4.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10592 tor<0.4.2.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-10593 GraphicsMagick<1.3.32 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-12921 libvirt<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20485 u-boot<2018.03 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10648 mantis<2.21.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15539 squid<4.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-18860 freeradius>=3.0<3.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17185 php{56,72,73,74}-nextcloud<17.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8138 php{56,72,73,74}-nextcloud<18.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8139 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10802 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10803 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10804 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10809 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10810 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10811 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10812 vault>=0.9.0<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10660 vault>=0.11<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10661 weechat>=0.4.0<2.7.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9759 weechat>=0.3.4<2.7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9760 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944 py{27,36,37,38}-zim-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10870 horde-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8866 horde-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8865 memcached>=1.6.0<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10931 ansible<2.9.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10684 py{27,36,37,38}-yaml<5.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1747 GraphicsMagick<1.3.35 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10938 okular<20.04.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9359 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20629 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20630 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20631 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20632 gpac<0.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20628 mbedtls<2.6.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10941 py{27,36,37,38}-bleach<3.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6802 py{27,36,37,38}-bleach<3.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6816 patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20633 php{56,72,73,74}-piwigo<2.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9467 jenkins<2.204.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-2160 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2161 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2162 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2163 gst-rtsp-server<1.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6095 netbeans-ide<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17560 netbeans-ide<11.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-17561 pam-krb5<4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10595 php72-exif<7.2.29 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php73-exif<7.3.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php74-exif<7.4.4 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php>=7.3<7.3.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065 php>=7.4<7.4.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065 php>=7.2<7.2.29 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 php>=7.3<7.3.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 php>=7.4<7.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 #phpmyadmin-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11441 Disputed, see https://github.com/phpmyadmin/phpmyadmin/issues/16056 elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009 elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009 apache>=2.4.0<2.4.42 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-1934 apache>=2.4.0<2.4.42 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-1927 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966 ast-ksh-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14868 haproxy<2.1.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11100 viewvc>=1.2<1.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283 viewvc<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283 firefox<74.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ cliqz<1.34.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ firefox68<68.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ tor-browser<9.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ mediawiki<1.34.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10960 gnutls>=3.6.3<3.6.13 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11501 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11558 qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11102 p5-Convert-ASN1<0.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2013-7488 codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10814 sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11655 sqlite3<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11656 varnish>=5.0<6.0.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-20637 varnish>=6.0<6.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11653 libssh<0.9.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1730 firefox<75.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ cliqz<1.35.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ firefox68<68.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ tor-browser<9.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ wireshark<2.6.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wireshark>=3.0.0<3.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wireshark>=3.2.0<3.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wolfssl<4.4.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-11713 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11721 git-base<2.25.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260 git-base>=2.26<2.26.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260 xenkernel411<4.11.3nb2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html xenkernel48-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-318.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-318.html xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-316.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-316.html webkit-gtk<2.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11793 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11758 openexr<2.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11759 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11760 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11761 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11762 openexr<2.4.1 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-11763 openexr<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11764 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11765 squid-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12519 squid-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-12520 squid-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12521 squid-[0-9]* bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-12522 squid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12524 mbedtls<2.16.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10932 oracle-{jdk,jre}8<8.0.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk7<1.7.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk8<1.8.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk11<1.11.0.7 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA evolution<3.35.91 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11879 mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-server>=8<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-cluster<7.4.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11894 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11895 rclone-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-12907 py{27,36,37,38}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11888 re2c>=1.2<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11958 openssl>=1.1.1d<1.1.1g denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1967 teeworlds<0.7.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20787 teeworlds>=0.7<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12066 git-base<2.25.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008 git-base>=2.26<2.26.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008 openconnect<8.09 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-12105 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11940 squid<4.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11945 ndpi-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11939 libvncserver-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20788 grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12245 thunderbird<68.7.0 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/ mailman<2.1.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12137 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1983 webkit-gtk<2.28.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0005.html grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12052 jbig2dec<0.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12268 libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12278 libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12279 opendmarc-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20790 opendmarc-[0-9]* spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-12272 openvpn<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11810 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11869 php>=7.2<7.2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 php>=7.3<7.3.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 php>=7.4<7.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 ffmpeg4<4.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12284 libvirt<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-12430 opensc<0.20.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20792 openldap-server<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12243 ruby{22,24,25,26,27}-json<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10663 qt5-qtbase<5.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-12267 re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-21232 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-10691 salt<2019.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11651 salt<2019.2.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11652 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11025 wordpress<5.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11026 wordpress<5.4.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-11027 wordpress<5.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11028 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11029 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11030 cups-base<2.3.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-8842 cups-base<2.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-3898 php{56,72,73,74}-roundcube<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12625 php{56,72,73,74}-roundcube<1.4.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-12626 samba>=4.0<4.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10700 php{56,72,73,74}-roundcube<1.4.4 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2020-12640 php{56,72,73,74}-roundcube<1.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12641 ruby25-base<2.5.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 ruby26-base<2.6.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 ruby27-base<2.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 qemu>=5.0.0<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10717 firefox<76.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/ cliqz<1.36.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/ firefox68<68.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/ tor-browser<9.0.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/ thunderbird<68.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/ ruby24-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages glpi<9.4.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-11034 glpi<9.4.6 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-11035 glpi>=9.1<9.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11033 glpi<9.4.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-11032 glpi<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11036 GraphicsMagick<1.3.36 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12672 samba>=4.0<4.11.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704 samba>=4.12<4.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704 mailman<2.1.31 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-12108 mongodb<3.6.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921 mongodb>=4.0.0<4.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921 ntp-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-8956 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11046 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11048 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11042 freerdp>1.2.0<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11044 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11045 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11047 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11049 #py{27,36,37,38}-pip<21.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20225 tcpreplay<4.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12740 imlib2<1.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12761 json-c<0.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-12762 libexif<0.6.22 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-12767 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10685 exim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12783 php{56,72,73,74}-nextcloud<18.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8154 php{56,72,73,74}-nextcloud<18.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8155 openconnect<8.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12823 libcroco-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12825 glpi<9.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5248 glpi<9.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11060 freerdp>=1.1<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11058 glpi>=0.68.1<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11062 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1746 clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3327 clamav>=0.101<0.102.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3341 apache-ant>=1.1<1.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945 apache-ant>=1.10<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945 libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-0093 transmission<3.00 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10756 freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11521 ansible-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10744 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11522 freerdp>1.0.0<2.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11523 freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11524 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11525 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11526 vlc<3.0.9 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-19721 yaws-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12872 cherokee-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20798 cherokee-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20799 cherokee-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20800 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10957 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10958 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10967 libreoffice<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12801 prboom-plus<2.6.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20797 unbound<1.10.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12662 unbound<1.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12663 knot<5.1.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12667 bind>=9.11<9.11.19 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616 bind>=9.14<9.14.12 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616 bind>=9.11<9.11.19 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617 bind>=9.14<9.14.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617 couchdb>=3.0.0<3.0.1 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-1955 powerdns-recursor<4.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10030 powerdns-recursor<4.3.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-10995 powerdns-recursor<4.3.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12244 wireshark<2.6.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 wireshark>=3.0<3.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 wireshark>=3.2<3.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 apache-tomcat>=7.0.0<7.0.104 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 apache-tomcat>=8.5.0<8.5.55 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 apache-tomcat>=9.0.0<9.0.35 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 py{27,36,37,38}-httplib2<0.18.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11078 zabbix<3.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11800 qmail-run<20200519 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 adplug<2.3.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-17825 amarok<3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13152 cacti<1.2.11 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13230 cacti<1.2.11 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-13231 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13396 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13397 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13398 gitea<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13246 libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13112 libexif<0.6.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13113 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13114 mariadb-connector-c<3.1.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13249 moodle<3.8.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10738 php>=7.2<7.2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 php>=7.3<7.3.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 php>=7.4<7.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 py{27,36,37,38}-meinheld<1.0.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-7658 ruby{24,25,26,27}-puma<4.3.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11076 ruby{24,25,26,27}-puma<4.3.5 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11077 slurm-wlm<19.05.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12693 qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1514 qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1515 grafana<7.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13430 sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13434 sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13435 ruby{22,24,25,26,27}-em-http-request-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13482 qore<0.9.4.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13615 qemu<5.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13253 sqlite<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13630 sqlite<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13631 sqlite<3.32.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13632 sympa<6.2.56 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-10936 vim<8.1.0881 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20807 qemu<4.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-13361 qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13362 glib-networking<2.64.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645 balsa<2.6.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645 php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6342 freerdp<2.1.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11017 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11018 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11019 freerdp<2.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11038 freerdp<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11039 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11040 freerdp<2.1.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11041 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11043 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11085 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11086 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11087 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11088 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11089 firefox<77.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/ firefox68<68.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/ tor-browser<9.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/ thunderbird<68.9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/ fossil<2.11.1 command-injection https://fossil-scm.org/forum/forumpost/0e1a0540fd qt5-qtbase>=5.12.2<5.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13962 php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13964 php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13965 vlc<3.0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13428 nagios-base<4.4.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13977 qemu>=4.2<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10761 vault<1.4.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12757 vault<1.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13223 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-0182 libexif<0.6.23 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-0198 consul>=1.6.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12758 consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12797 consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13170 consul>=1.2.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13250 adobe-flash-player<32.0.0.387 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-30.html wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4046 wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4047 wordpress<5.4.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-4048 wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4049 wordpress<5.4.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-4050 upx<3.96 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20805 sane-backends<1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12867 py{27,36,37,38}-rsa<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13757 grafana<6.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623 libvirt>=3.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10703 mediawiki<1.35 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10959 qemu<4.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13659 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13754 znc>=1.8.0<1.8.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13775 ruby{22,24,25,26,27}-websocket-extensions<0.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7663 py{34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 py{34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 nghttp2<1.41.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11080 grafana>=3.0.1<7.0.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-13379 libjpeg-turbo<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13790 elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014 elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014 gnutls>=3.6.4<3.6.14 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-13777 qemu<5.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13765 qemu<5.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13791 qemu<5.1.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-13800 ntp<4.2.8p14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817 ntp>=4.3<4.3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817 qemu<5.0.0 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2020-10702 libupnp<1.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13848 perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10543 perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12723 perl<5.30.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10878 sqlite3<3.32.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13871 pam-tacplus-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13881 ffmpeg2<2.8.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ffmpeg3<3.4.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ffmpeg4<4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ImageMagick<7.0.10.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13902 dbus>=1.3.0<1.12.18 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12049 libreoffice<6.4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12802 libreoffice<6.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12803 xawtv<3.107 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-13696 nodejs>=12.0.0<12.18.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172 nodejs>=14.0.0<14.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172 sane-backends<1.0.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12861 sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12862 sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12863 sane-backends<1.0.30 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-12864 sane-backends<1.0.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12865 sane-backends<1.0.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12866 bison<3.5.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14150 caddy<0.10.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-21246 jpeg<9d unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14151 jpeg<9d denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14152 jpeg<9d out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14153 mutt<1.14.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14093 mutt<1.14.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14154 npm<6.14.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-18869 pcre<8.43 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20838 pcre<8.44 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14155 pound<2.8 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2018-21245 redis<6.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14147 ffmpeg4<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14212 libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21247 libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20839 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20840 libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14396 libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14397 libvncserver<0.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14398 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14399 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14400 libvncserver<0.9.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14401 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14402 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14403 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14404 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14405 cacti-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14295 bind>=9.16<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8618 bind>=9.11.14<9.11.20 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619 bind>=9.14.9<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9103 adns<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9104 adns<1.5.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9105 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9106 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9107 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9108 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9109 python35-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python36<3.6.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python37<3.7.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python38<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 ruby{22,24,25,26,27}-rails42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails42-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails51-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails52<5.2.4.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails60<6.0.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rack<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 ruby{22,24,25,26,27}-rack14-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 ruby{22,24,25,26,27}-rack16-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 go{19,110,113,114}-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040 go-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040 alpine<2.23 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14929 squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14933 squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14932 mutt<1.14.4 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954 neomutt<20200619 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954 php{56,70,71,72}-concrete5<8.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14961 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11095 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11096 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11099 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11098 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11097 chocolate-doom<3.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14983 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4030 freerdp<2.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-4032 freerdp<2.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-4031 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4033 mailman<2.1.33 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15011 trafficserver<7.1.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9494 mediawiki<1.34.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15005 ntp<4.2.8p15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025 ntp>4.3<4.3.101 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025 wolfssl<4.4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-11735 net-snmp<5.8.1pre1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20892 trojita<0.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15047 py{27,36,37,38}-Pillow<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10994 py{27,36,37,38}-Pillow<6.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10379 py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10378 py{27,36,37,38}-Pillow<7.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11538 py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10177 openexr<2.5.2 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2020-15304 openexr<2.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15306 openexr<2.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15305 apache-tomcat>=9.0.0<9.0.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996 apache-tomcat>=8.5.0<8.5.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996 magento<1.9.4.5 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-22.html sqlite3<3.32.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15358 libraw<0.20.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-15365 firefox<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/ firefox68<68.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/ tor-browser<9.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/ thunderbird<68.10.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/ guacamole-server<1.2.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-9497 guacamole-server<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9498 hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15396 hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15397 libraw<0.19.5nb1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15503 libvncserver<0.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18922 libmediainfo<20.03nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15395 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15471 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15472 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15473 ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15474 ndpi-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15475 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15476 openjpeg<2.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15389 openssh<8.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14145 putty>=0.68<0.74 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14002 powerdns-recursor<4.3.2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14196 qemu<5.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-15469 ruby{25,26,27}-rack<2.2.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161 ruby{25,26,27}-rack16-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161 ruby{25,26,27}-actionpack52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166 ruby{25,26,27}-actionpack60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166 ruby{25,26,27}-actionpack60<6.0.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8185 squid<4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14058 squid<4.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-15049 wireshark>=3.2.0<3.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-15466 milkytracker<1.03.00 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15569 php{56,72,73,74}-roundcube<1.4.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15562 samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10730 samba<4.12.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10745 samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10760 samba<4.12.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14303 webkit-gtk<2.28.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0006.html xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html xenkernel48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages npm<6.14.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15095 apache-tomcat>=8.5.0<8.5.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994 apache-tomcat>=7.0.0<7.0.76 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10756 jetty>=9.4.27.20200227<9.4.30.20200611 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 python27<2.7.18nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python35-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python36<3.6.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python37<3.7.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python38<3.8.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-server>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL oracle-{jdk,jre}8<8.0.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk7<1.7.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk8<1.8.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk11<1.11.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934 apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934 apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935 apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935 openldap<2.4.50 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15719 synergy<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15117 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223 ruby{25,26,27}-kramdown<2.3.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-14001 glpi<9.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15108 zabbix>=4.0<4.0.22rc1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15803 go113<1.13.13 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039 go114<1.14.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039 go113<1.13.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586 go114<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586 evolution-data-server<3.36.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14928 radare2<4.5.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15121 clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3481 clamav<0.102.4 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-3350 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15859 qemu<5.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15863 lua54<5.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15888 lua54<5.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15889 LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15890 magento<1.9.4.6 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-41.html magento<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python27-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages claws-mail<3.17.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15917 lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15945 nodejs>=10<10.21.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 nodejs>=12<12.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 nodejs>=14<14.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 openssh-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15778 grafana<6.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11110 libetpan-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15953 py{27,36,37,38}-uvicorn<0.11.7 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7694 py{27,36,37,38}-uvicorn<0.11.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-7695 firefox<78.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/ thunderbird<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-29/ firefox<79.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/ cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/ firefox68<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/ tor-browser<9.5.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/ firefox78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/ mozjs78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/ thunderbird<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/ webkit-gtk<2.28.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0007.html opendmarc>=1.3.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12460 cherokee>=0.4.27<1.2.104 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-12845 freerdp<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15103 ghostscript-agpl<9.53.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-15900 libX11<1.6.10 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14344 fehqlibs<0.9.15 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 claws-mail-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16094 freeDiameter-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6098 php{56,72,73,74}-typo3<10.4.6 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-15098 php{56,72,73,74}-typo3<10.4.6 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-15098 php{56,72,73,74}-concrete5<8.5.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11476 magento<2.3.5.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-9690 magento<2.3.5.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-9692 magento<2.3.5.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-9689 magento<2.3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9691 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14308 grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14309 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14310 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14311 grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15705 grub2<2.0.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15706 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15707 grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10713 balsa<2.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16118 libssh-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16135 evolution-data-server<3.35.91 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16117 ruby{25,26,27}-faye-websocket<0.11.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15133 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966 radare2-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-16269 ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-16116 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16131 modular-xorg-server<1.20.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-14347 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-17353 go113<1.13.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845 go114<1.14.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845 apache<2.4.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11984 apache<2.4.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9490 apache<2.4.46 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-11993 apache<2.4.24 spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-11985 thunderbird<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/ qemu<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16092 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17487 jenkins-lts<2.235.4 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/ jenkins<2.252 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/ dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12100 dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12673 dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12674 mantis<2.24.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16266 py{27,36,37,38}-asyncpg<0.21.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-17446 php{56,72,73,74}-roundcube<1.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16145 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16287 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16288 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16289 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16290 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16291 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16292 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16293 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16294 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16295 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16296 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16297 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16298 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16299 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16300 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16301 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16302 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16303 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16304 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16305 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16306 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16307 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16308 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16309 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16310 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17538 qt5-qtbase<5.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-17507 wireshark>=3.2.0<3.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17498 lua54<5.4.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24342 nim-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15692 nim-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15693 nim-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15694 snmptt<1.4.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24361 jenkins-lts<2.235.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 jenkins<2.243 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 lua54<5.4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-24369 lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24370 lua54<5.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24371 LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24372 elasticsearch<6.8.12 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019 elasticsearch>=7.0.0<7.9.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019 curl>=7.29.0<7.72.0 expired-pointer-dereference https://curl.haxx.se/docs/CVE-2020-8231.html fossil<2.12.1 remote-code-execution https://fossil-scm.org/forum/forumpost/9e114feec0 net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15861 net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15862 wolfssl<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12457 wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15309 wolfssl<4.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24585 apache-solr<8.6.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13941 mongodb>=4.5.0<4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.4.0<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.2.0<4.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.0.0<4.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 bind>=9.15.6<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620 bind>=9.14<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621 bind>=9.0<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.10<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.9.12<9.11.22 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 bind>=9.12.1<9.16.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 bind>=9.17<9.17.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql95-server<9.5.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql96-server<9.6.19 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 chrony<3.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14367 firefox<80.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/ cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/ firefox68<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/ tor-browser<9.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/ firefox78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/ mozjs78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/ bison<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24240 nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24241 nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24242 squid<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24606 wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24613 vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16251 vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16250 grafana<6.4.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-19499 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15159 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15155 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15154 py{27,34,35,36,37,38}-flask-cors<3.0.9 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25032 fossil<2.10.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614 fossil>=2.12<2.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614 rabbitmq<3.8.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5419 qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14415 qemu<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12829 bind>=9.14<9.16 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583 py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583 py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584 py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584 qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14364 apache-cassandra<2.2.18 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946 apache-cassandra>=3<3.11.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946 ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-24654 go114<1.14.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553 go115<1.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-16150 miller>=5.9.0<5.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15167 rebar3<3.14.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13802 squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15810 squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15811 gnupg2>=2.2.21<2.2.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25125 bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24979 bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24980 ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14373 gnutls<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24659 libxml2<2.9.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24977 nasm<2.15.05 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-24978 php{56,72,73,74}-concrete5<8.5.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24986 py{27,36,37,38}-pip<19.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-20916 ruby{25,26,27}-bundler1-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881 ruby{25,26,27}-bundler<2.1.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24996 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24999 netbeans-ide-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11986 openssl<1.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-1968 yaws<2.0.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24916 yaws<2.0.8 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-24379 libproxy<0.4.15nb1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25219 php>=7.2<7.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 php>=7.3<7.3.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 php>=7.4<7.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 bitcoin>=0.16.0<0.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17145 bitcoin>=0.20.0<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14198 yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15168 zeromq<4.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15166 p5-DBI<1.632 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7490 p5-DBI<1.628 stack-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7491 p5-DBI<1.632 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10401 ansible<2.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14332 ansible<2.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14330 libX11<1.6.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14363 python35-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<5.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25286 modular-xorg-server<1.20.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14345 brotli<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8927 modular-xorg-server<1.20.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14346 modular-xorg-server<1.20.9 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14361 modular-xorg-server<1.20.9 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14362 p5-DBI<1.643nb3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10402 p5-DBI<1.643 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14392 p5-DBI<1.643 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14393 libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24890 libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24889 gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25412 gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25559 p5-DBI<1.643 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20919 php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15183 zoneminder<1.34.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25729 yed<3.20.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-25215 php{56,72,73,74}-soycms<3.0.2.328 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15188 php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15189 nodejs>=12<12.18.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201 nodejs>=14<14.11.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201 nodejs>=14<14.11.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8251 nodejs<10.22.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 nodejs>=12<12.18.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 nodejs>=14<14.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25787 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25789 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25788 bsdiff-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14315 ansible<2.9.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14365 glpi<9.5.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11031 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604 python27<2.7.18nb3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python35<3.5.10 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python36<3.6.12 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python37<3.7.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python38<3.8.5 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25084 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25085 qemu<5.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-25625 ruby-oauth-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2016-11086 tigervnc<1.11.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2020-26117 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25812 mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25813 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25814 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25815 mediawiki<1.34.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25827 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25828 mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25869 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26120 mediawiki<1.34.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-26121 py{27,36,37,38}-rpyc>=4.1.0<4.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16328 py{27,36,37,38}-djangorestframework<3.12.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25626 grafana<8.3.1 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216 vault>=1.5.0<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 vault>=1.4.0<1.4.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25288 mantis<2.24.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25781 mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25830 py{27,36,37,38}-urllib3<1.25.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26137 go-jwt-go<4.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-26160 libproxy<0.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26154 oniguruma<6.9.6rc1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26159 apache-ant-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979 powerdns<4.3.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-17482 powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24697 powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24698 powerdns<4.4.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-24696 thunderbird<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-41/ firefox<81 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/ cliqz-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ mozjs78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ tor-browser<10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ thunderbird<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/ erlang>=22.3<22.3.4.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623 erlang>=23<23.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623 qemu-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25741 mupdf<1.18.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26519 php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 thunderbird<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/ php{56,72,73,74}-nextcloud>=19<19.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 php{56,72,73,74}-nextcloud>=18<18.0.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 php{56,72,73,74}-nextcloud<17.0.8 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 opensc<0.21.0rc1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26570 opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26572 opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26571 wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26575 spice-server<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355 spice-gtk<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355 qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25742 qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25743 glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15176 glpi<9.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15175 glpi<9.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15217 glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15226 glpi<9.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15177 sympa-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-26880 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866 php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26934 php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26935 apache-tomcat>=9.0<9.0.38 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943 apache-tomcat>=8.5<8.5.58 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943 webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12670 webmin<1.950 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8820 webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8821 adobe-flash-player<32.0.0.445 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-58.html ruby{25,26,27}-nexpose<6.6.49 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7383 gitea<1.13.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14144 libass<0.15.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26682 magento<2.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24408 powerdns-recursor<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25829 py{27,36,37,38,39}-libtaxii<1.1.118 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-27197 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24352 matrix-synapse<1.21.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26891 freetype2<2.10.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 suse{,32}_freetype2-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24265 tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24266 nss<3.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25648 nss<3.46 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17006 nss<3.36.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18508 pam-tacplus-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-27743 firefox<82 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/ firefox78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ mozjs78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ tor-browser<10.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ thunderbird<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/ grafana<7.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24303 samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14323 php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15273 php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15276 php{56,72,73,74}-basercms<4.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15277 tmux<3.1c buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27347 openjdk8<1.8.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA openjdk11<1.11.0.9 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA mysql-server<5.6.50 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-server>=5.7<5.7.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-server>=8.0<8.0.22 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-cluster<7.4.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL ImageMagick<7.0.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560 ImageMagick6<6.9.11.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560 asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html cacti<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25706 consul<1.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25201 jetty<9.4.32.20200930 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-27216 libmaxminddb<1.4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28241 mit-krb5<1.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28196 packagekit<1.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-16121 packagekit<1.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16122 php{56,72,73,74}-nextcloud<19.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8133 php{56,72,73,74}-nextcloud<19.0.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-8150 php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8152 php{56,72,73,74}-nextcloud<19.0.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-8173 php{56,72,73,74}-nextcloud<19.0.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8183 php{56,72,73,74}-nextcloud<19.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8236 php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8259 postgresql95-server<9.5.24 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql96-server<9.6.20 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql10-server<10.15 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql11-server<11.10 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql12-server<12.5 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql13-server<13.1 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql95-server<9.5.24 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql96-server<9.6.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql10-server<10.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql11-server<11.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql12-server<12.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql13-server<13.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 py{27,36,37,38,39}-moin<1.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15275 py{27,36,37,38,39}-moin<1.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25074 py{27,36,37,38,39}-rsa<4.7 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-25658 python27<2.7.18nb4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python36<3.6.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python37<3.7.10 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python38<3.8.7rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python39<3.9.1rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27616 qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27617 raptor-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926 raptor2<2.0.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926 salt<2019.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-16846 salt<2019.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17490 salt<2019.2.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25592 tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8036 tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8037 wireshark>=3.2.0<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28030 wordpress<5.5.2 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28032 wordpress<5.5.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28033 wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28034 wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28035 wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28036 wordpress<5.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28037 wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28038 wordpress<5.5.2 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-28039 wordpress<5.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28040 xenkernel411<4.11.4nb4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368 xenkernel413<4.13.2nb1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 firefox<82.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ firefox78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ mozjs78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ tor-browser<10.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ thunderbird<78.4.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ firefox<83 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/ firefox78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ mozjs78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ tor-browser<10.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ thunderbird<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/ go114<1.14.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366 go115<1.15.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366 go114<1.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362 go115<1.15.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362 go114<1.14.12 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367 go115<1.15.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367 py{27,33,34,35,36,37,38}-werkzeug<0.11.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-28724 influxdb<1.7.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20933 py{27,34,35,36,37,38}-notebook<6.1.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26215 rclone<1.53.3 weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2020-28924 mutt<2.0.2 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-28896 php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28948 php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28949 nodejs>=15<15.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 nodejs>=14<14.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 nodejs>=12<12.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle<3.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.7<3.7.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.8<3.8.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.9<3.9.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.9<3.9.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25702 libsixel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-19668 ImageMagick6<6.9.11.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667 ImageMagick<7.0.10.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667 php{56,70,71,72,73,74}-drupal>=7<7.74 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 php{56,70,71,72,73,74}-drupal>=8.8<8.8.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 php{56,70,71,72,73,74}-drupal>=8.9<8.9.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 xpdf-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25725 webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0008.html webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0009.html blosc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29367 consul<1.6.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28053 gitea<1.12.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28991 jetty<9.4.35.20201120 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-27218 libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129 libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130 libvncserver<0.9.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25708 matrix-synapse<1.20.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26890 minidlna<1.3.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28926 mongodb<3.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802 mongodb>=4.0<4.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802 mongodb<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803 mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803 mongodb<3.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804 mongodb>=4.0<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804 mongodb<3.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805 mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805 mongodb<3.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392 mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392 mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393 mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393 mongodb>=4.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20923 mongodb>=4.2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20924 mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925 mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925 mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7925 mongodb>=4.4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7926 mongodb<3.6.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928 mongodb>=4<4.2.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928 glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27662 glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27663 postgresql95-server<9.5.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql96-server<9.6.20 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql10-server<10.15 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql11-server<11.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql12-server<12.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql13-server<13.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25624 slurm-wlm<19.05.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27745 slurm-wlm<19.05.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27746 php{56,72,73,74}-typo3<10.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26227 php{56,72,73,74}-typo3<10.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26228 php{56,72,73,74}-typo3<10.4.10 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26229 x11vnc-[0-9]* improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-29074 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29040 ImageMagick6<6.9.11.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599 ImageMagick<7.0.10.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599 awstats<7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29600 moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628 moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628 moodle<3.8.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629 moodle>=3.9<3.9.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629 moodle<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630 moodle>=3.9<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630 moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631 moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631 openldap-server<2.4.55 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25692 pngcheck-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27818 nsd<4.3.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935 unbound<1.13.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935 openssl<1.1.1i null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-1971 thunderbird<78.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/ ImageMagick<7.0.9.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25663 ImageMagick6<6.9.10.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664 ImageMagick<7.0.8.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664 ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665 ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666 ImageMagick6<6.9.10.69 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667 ImageMagick<7.0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667 ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674 ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751 ImageMagick6<6.9.11.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752 ImageMagick<7.0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752 ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753 ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754 ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755 ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755 ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756 ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758 binutils<2.35 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-16590 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16591 binutils<2.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16592 binutils<2.35 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16593 binutils<2.35.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16598 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16599 jasper<2.0.23 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27828 matrix-synapse<1.23.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26257 moodle<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25627 mupdf<1.17.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16600 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16587 openexr<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16588 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16589 password-store-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28086 phpldapadmin<1.2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35132 py{27,36,37,38,39}-py-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29651 qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27821 sympa<6.2.60 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29668 npm<7.1.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-7788 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-29254 awstats-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-35176 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26419 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764 ImageMagick<7.0.8.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764 ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765 ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27766 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27776 php-7.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-tomcat<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527 apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527 audacity-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11867 libvirt<6.6.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14339 libxls<1.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2910 poppler-utils<0.76.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27778 py{27,36,37,38,39}-lxml<4.6.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-27783 qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25723 qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-28916 samba<4.12.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14318 samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14383 curl<7.71.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8169 curl<7.71.0 local-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8177 curl<7.74.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8284 curl<7.74.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8285 curl<7.74.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8286 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511 firefox<84 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/ firefox78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ mozjs78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ tor-browser<10.0.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ thunderbird<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/ go-hugo<0.79.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-26284 kitty<0.19.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35605 webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35606 nagios-base-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-35269 opensmtpd<6.8.0p1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35679 opensmtpd<6.8.0p1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35680 gdk-pixbuf2<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29385 gobby<0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35450 libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20412 pure-ftpd-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35359 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35376 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27841 openjpeg<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27842 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27843 openjpeg<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27844 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27845 php{56,71,72,73,74}-orangehrm<4.6.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29437 binutils<2.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35448 binutils<2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35493 binutils<2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35494 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35495 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35496 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35507 dovecot<2.3.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24386 dovecot<2.3.13 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25275 dropbear<2019.77 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-12953 ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35964 ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35965 gdm<3.38.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27837 go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28851 go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28852 icinga-base>=2<2.12.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-29663 mantis<2.24.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28413 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35849 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35474 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35475 mediawiki<1.35.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35477 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35478 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35479 mediawiki<1.35.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35480 modular-xorg-server<1.20.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25712 opendkim-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-35766 p11-kit<0.23.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29361 p11-kit<0.23.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29362 p11-kit<0.23.22 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-29363 postsrsd<1.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35573 py{27,36,37,38,39}-autobahn<20.12.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-35678 py{27,36,37,38,39}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26275 qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20808 qemu<5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11947 php{56,72,73,74}-roundcube<1.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35730 ruby{25,26,27}-nokogiri<1.11.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26247 vault<1.6.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2020-35177 vault<1.6.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35453 wavpack<5.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35738 wireshark>=3.4<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26422 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482 xentools411<4.11.4nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483 xentools413<4.13.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484 xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487 nodejs>=10<10.23.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=12<12.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=14<14.15.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=10<10.23.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 nodejs>=12<12.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 nodejs>=14<14.15.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 py{27,36,37,38,39}-cairosvg<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21236 ruby{25,26,27}-actionpack60>=6.0.0<6.0.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8264 wolfssl<4.6.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36177 php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3111 vlc<3.0.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26664 cacti<1.2.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35701 py{27,36,37,38,39}-cryptography<3.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25659 jenkins<2.263.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21602 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21603 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21604 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21605 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21606 jenkins<2.263.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21607 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21608 jenkins<2.263.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21609 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21610 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21611 R<4.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-27637 py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35653 py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35654 py{27,36,37,38,39}-Pillow<8.1.0 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2020-35655 py{27,36,37,38,39}-m2crypto-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25657 ruby{25,26,27}-redcarpet<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26298 sudo<1.9.5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-23239 sudo<1.9.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-23240 apache-tomcat<7.0.107 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 apache-tomcat>=8.5<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 elasticsearch>=7.7.0<7.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22132 erlang>=23.2<23.2.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-35733 php{56,72,73,74}-owncloud<10.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16255 mysql-client<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-client>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-client>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25681 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25682 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25683 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25684 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25685 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25686 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25687 mutt<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3181 SDL2<2.0.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14409 SDL2<2.0.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14410 guacamole-server<1.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11997 modular-xorg-server<1.20.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-14360 php{56,72,73,74}-pear<1.10.12nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36193 py{27,36,37,38,39}-bottle<0.12.19 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28473 py{27,36,37,38,39}-tornado-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28476 python27<2.7.18nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python36<3.6.13 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python37<3.7.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python38<3.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python39<3.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 firefox<84.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ firefox78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ mozjs78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ tor-browser<10.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ thunderbird<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/ firefox<85 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/ firefox78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ mozjs78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ tor-browser<10.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20183 moodle<3.10.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20184 moodle<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20185 moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20186 moodle<3.10.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20187 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36221 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36222 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36223 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36224 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36225 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36226 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36227 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36228 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36229 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36230 asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html bitcoin-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3195 go114<1.14.14 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114 go115<1.15.7 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114 go114<1.14.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115 go115<1.15.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115 gst-plugins1-bad<1.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3185 jasper<2.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3272 jenkins<2.263.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21615 libgcrypt<1.9.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3345 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29603 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29604 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29605 ImageMagick<7.0.10.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176 ImageMagick6<6.99.11.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176 apache-cassandra<2.2.20 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516 apache-cassandra>=3<3.11.24 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516 bitcoin<0.19.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3401 gitea<1.13.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3382 gnome-autoar<0.3.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-36241 mit-krb5-appl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-25017 mit-krb5-appl-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-25018 nim<1.2.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15690 opendoas>=6.6<6.8.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25016 openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27814 php{56,72,73,74}-nextcloud<20.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8293 php{56,72,73,74}-nextcloud<20.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8294 php{56,72,73,74}-nextcloud<20.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8295 py{36,37,38,39}-django>=2.2<2.2.18 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 py{36,37,38,39}-django>=3.1<3.1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 py{27,36,37,38,39}-jinja2<2.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28493 qemu<5.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-17380 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29443 vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25594 vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3024 ruby{25,26,27}-mechanize<2.7.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-21289 sudo<1.9.5p2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3156 wolfssl<4.7.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3336 xenkernel413<4.13.2nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3308 ruby{25,26,27}-activerecord52<5.2.4.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880 ruby{25,26,27}-activerecord60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880 ruby{25,26,27}-actionpack60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22881 asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776 asterisk<13.82.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26713 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26717 asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768 autotrace-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19004 autotrace-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-19005 bind<9.11.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625 bind>=9.12<9.16.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625 botan<2.17.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24115 dbus<1.12.20 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35512 elasticsearch<6.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7021 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26220 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26221 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26222 fluent-bit-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27186 fontforge<20200314 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25690 glib2<2.66.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27218 glib2<2.66.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27219 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13574 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13575 gsoap<2.8.111 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13576 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13577 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13578 isync<1.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20247 jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26926 jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26927 libcaca-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3410 libebml<1.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3405 libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36148 libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36149 libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36150 libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36151 libmysofa<1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36152 libxls<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27819 libzip<1.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17582 mantis<2.25.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35571 mumble<1.3.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27229 mupdf<1.19.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-3407 openscad<2021.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28599 openssl<1.0.2y protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-23839 openssl<1.1.1j integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23840 openssl<1.1.1j denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23841 opnldap-server<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27212 php>=7.3<7.3.26 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071 php>=7.4<7.4.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071 php{56,72,73,74}-owncloud<10.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-10252 php{56,72,73,74}-owncloud<10.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10254 php{56,72,73,74}-owncloud<10.6 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28644 php{56,72,73,74}-owncloud<10.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28645 php{56,72,73,74}-owncloud<10.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36251 php{56,72,73,74}-owncloud<10.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36252 php73-soap<7.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702 php74-soap<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702 postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 py{27,36,37,38,39}-channels<3.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35681 py{27,36,37,38,39}-cryptography<3.3.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36242 python27<2.7.18nb4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python36<3.6.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python37<3.7.10 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python38<3.8.8 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python39<3.9.2 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 py{27,36,37,38,39}-yaml<5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14343 py{27,36,37,38,39}-httplib2<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21240 thunderbird<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/ firefox<85.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ firefox78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ mozjs78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ firefox<86 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/ firefox78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ mozjs78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ tor-browser<10.0.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ thunderbird<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/ apache-tomcat>=8.5<8.5.63 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122 apache-tomcat>=9.0<9.0.43 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122 apache-tomcat>=7.0<7.0.108 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 apache-tomcat>=8.5<8.5.63 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 apache-tomcat>=9.0<9.0.43 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28601 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28636 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35628 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35636 dropbear<2020.79 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-36254 grub2<2.06 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14372 grub2<2.06 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25632 grub2<2.06 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25647 grub2<2.06 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27749 grub2<2.06 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27779 grub2<2.06 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20225 grub2<2.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20233 jetty<9.4.36.20210219 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27223 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3403 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3404 mantis<2.24.5 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2009-20001 matrix-synapse<1.25.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21273 matrix-synapse<1.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21274 mongodb<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004 mongodb>=4.0<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004 mongodb<3.6.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929 mongodb>=4.0<4.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929 nats-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28466 nodejs>=10<10.24.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=12<12.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=14<14.16.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=10<10.24.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 nodejs>=12<12.21.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 nodejs>=14<14.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 openssh<8.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-28041 owncloudclient<2.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28646 webkit-gtk<2.30.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0001.html glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21255 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21258 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21312 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21313 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21314 php{56,72,73,74,80}-nextcloud<20.0.0 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8296 php{56,72,73,74,80}-nextcloud<20.0.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-22877 php{56,72,73,74,80}-nextcloud<20.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-22878 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27921 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27922 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27923 py{27,36,37,38,39}-aiohttp<3.7.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21330 py{27,36,37,38,39}-markdown2<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26813 qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20203 redis<6.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21309 php{56,72,73,74,80}-roundcube<1.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26925 salt<3002.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28243 salt<3002.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-28972 salt<3002.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35662 salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25281 salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25282 salt<3002.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-25283 salt<3002.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25284 salt<3002.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3144 salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3148 salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3197 screen<4.8.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26937 steghide-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-27211 stunnel<5.57 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20230 u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27097 u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27138 wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22173 wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22174 wpa_supplicant<2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27803 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27379 xterm<366 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27135 zabbix<4.0.28 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-27927 zstd<1.4.1 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24031 zstd<1.4.9 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24032 ap24-subversion<1.14.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17525 cairo<1.16.0nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35492 gitea<1.13.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28378 gnome-autoar<0.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28650 grafana<7.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27358 grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3418 libmediainfo<20.03nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26797 mariadb-server<10.4.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27928 moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14828 moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14829 moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14830 moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14831 moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20279 moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20280 moodle<3.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20281 moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20282 moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20283 nats-server<2.2.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-3127 php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28145 py{27,36,37,38,39}-Pillow<8.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25289 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25290 py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25291 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25292 py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25293 py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27291 py{27,36,37,38,39}-urllib3<1.26.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-28363 qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3416 ruby{25,26,27,30}-kramdown<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-28834 squid4<4.14 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-25097 tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28089 tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28090 wireshark<3.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22191 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20243 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20244 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246 elasticsearch>=7.6.0<7.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22134 git-base<2.30.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21300 glib2<2.66.8 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-28153 gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20231 gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20232 webkit-gtk<2.30.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0002.html spamassassin<3.4.5 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1946 webkit-gtk<2.32.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0003.html ImageMagick<7.0.10.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27829 binutils-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20197 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20284 go115<1.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918 go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918 go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27919 gsoap-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21783 gtar-base<1.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20193 ircII<20210314 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29376 jasper<2.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3443 jasper<2.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3467 leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36277 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36278 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36279 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36280 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36281 libass<0.15.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-24994 libjpeg-turbo<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20205 libmicrohttpd<0.9.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3466 matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21332 matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21333 firefox<87 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/ firefox78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ mozjs78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ tor-browser<10.0.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ thunderbird<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/ openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3474 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3475 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3476 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3477 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3478 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3479 openssl<1.1.1k remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3449 openssl<1.1.1k improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3450 php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20681 php{56,73,74,80}-basercms<4.4.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20682 php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20683 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21324 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21325 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21326 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21327 privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35502 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20210 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20211 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20212 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20213 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20214 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20215 privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20216 privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20217 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20272 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20273 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20274 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20275 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20276 py{27,36,37,38,39}-lxml<4.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28957 py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20270 p5-Data-Validate-IP<0.30 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29662 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20255 qemu>=2.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3392 qemu<6.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3409 redis<6.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3470 rpm<4.16.1.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-20271 curl<7.76.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22876 curl<7.76.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-22890 jetty<9.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28165 jetty<9.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28163 jetty<9.4.39 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28164 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20296 php{56,72,73,74,80}-piwigo<11.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-27973 postgresql95-server<9.5.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql96-server<9.6.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql10-server<10.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql11-server<11.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql12-server<12.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql13-server<13.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 py{27,36,37,38,39}-django-registration<3.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21416 ruby{25,26,27,30}-redmine41<4.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29274 shibboleth-sp<3.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28963 squid4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28116 tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35521 tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35522 tiff<4.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35523 tiff<4.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35524 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20285 wpa_supplicant<2.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-30004 zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20234 zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20235 php{56,72,73,74,80}-typo3<10.4.14 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21338 php{56,72,73,74,80}-typo3<10.4.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21339 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21340 php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21355 php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21357 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21358 php{56,72,73,74,80}-typo3<10.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21359 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21370 ffmpeg3<3.4.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24995 htmldoc-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20308 libpano13-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2021-20307 nettle<3.7.2 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2021-20305 ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164 ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164 ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163 ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30158 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30157 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30154 p5-Net-Netmask<2.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29424 py{36,37,38,39}-django>=2.2<2.2.20 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 py{36,37,38,39}-django>=3<3.0.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 py{36,37,38,39}-django>=3.1<3.1.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 ruby{25,26,27,30}-redmine41<4.1.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308 ruby{25,26,27,30}-redmine40<4.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308 ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307 ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307 ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306 ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306 ruby{25,26,27,30}-redmine<3.4.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026 ruby{25,26,27,30}-redmine40>=4<4.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026 syncthing<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21404 gnuchess-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30184 jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640 jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640 jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639 jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639 file-roller<3.39.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36314 ffmpeg4<4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30123 mosquitto>=2<2.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28166 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1405 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1404 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1252 exiv2<0.27.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3482 dnsmasq<2.85 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-3448 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30159 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30155 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30152 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30156 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30485 rust<1.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28879 rust<1.53 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28878 rust<1.51.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28877 rust<1.50.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28875 rust<1.49.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36318 rust<1.52.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28876 rust<1.49.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-36317 rust<1.2.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-20001 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26272 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26271 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21254 ampache<4.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21399 binutils<2.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3487 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31229 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31347 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31348 fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-28421 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28300 gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29427 gradle<7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-29428 gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29429 libexif<0.6.23 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27815 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36120 matrix-synapse<1.28.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21392 matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21393 matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21394 mongodb<3.6.21 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924 mongodb>=4.0<4.2.11 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924 openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29338 rust<1.19.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-20004 rust<1.29.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-25008 rust<1.50.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36323 rust<1.53.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-31162 wordpress<5.7.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-29447 wordpress<5.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29450 gstreamer1<1.18.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3498 gstreamer1<1.18.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3497 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31262 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31261 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31260 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31259 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31257 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31258 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31256 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31255 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31254 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30199 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30020 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30022 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30014 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30019 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30015 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29458 exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29457 py{36,37,38,39}-wagtail<2.12.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29434 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29279 php{56,72,73,74,80}-composer<2.0.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-29472 mysql-server>=5.7<5.7.34 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL mysql-server>=8.0<8.0.24 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL ampache<4.2.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15153 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20228 apache-maven<3.8.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-26291 authelia<4.28.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-29456 bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214 bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214 bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215 bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215 bind<9.11.31 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216 bind>=9.12<9.16.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216 binutils<2.35.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20294 consul<1.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25864 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29463 exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29464 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29470 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29473 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31598 fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21417 giflib-util-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23922 go-xz<0.5.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29482 gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23928 gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23930 gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23931 gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23932 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35979 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35980 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35981 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35982 graphviz<2.46.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18032 jhead<3.06.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3496 libupnp<1.14.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29462 modular-xorg-server<1.20.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3472 mongodb>=4.4<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20326 openjdk8<1.8.282 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA openjdk11<1.11.0.11 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA openvpn<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15078 p5-Image-ExifTool<12.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22204 php{56,72,73,74,80}-orangehrm-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2021-28399 py{27,36,37,38,39}-django-filter<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15225 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21391 rpm<4.17.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20266 ruby{25,26,27,30}-bundler<2.2.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36327 ruby{25,26,27,30}-redmine40<4.0.9 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863 ruby{25,26,27,30}-redmine41<4.1.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863 ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864 ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864 ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865 ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865 ruby{25,26,27,30}-redmine40<4.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866 ruby{25,26,27,30}-redmine41<4.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866 ruby{25,26,27,30}-rexml<3.2.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-28965 salt<3002.7 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31607 samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30218 samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30219 shibboleth-sp<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31826 unbound<1.9.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-25031 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25032 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25033 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25034 unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25035 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25036 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25037 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25038 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25039 unbound<1.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-25040 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25041 unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25042 vault<1.6.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-27400 vault<1.6.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29653 webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31760 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-31761 webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31762 wget-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31879 wireshark<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22207 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28007 exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28008 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28009 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28010 exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28011 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28012 exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28013 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28014 exim4<4.94.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28015 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28016 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28017 exim4<4.94.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-28018 exim4<4.94.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28019 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28020 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28021 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28022 exim4<4.94.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28023 exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28024 exim4<4.94.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28025 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28026 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-27216 ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769 ImageMagick6<6.9.10.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309 ImageMagick6<6.9.12.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20310 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20311 ImageMagick<7.0.11.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20312 ImageMagick<7.0.11.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20313 ap24-modsecurity<3.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25043 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3502 bitcoin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31876 cyrus-imapd<3.2.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32056 php{56,73,74,80}-drupal>=7<7.70 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-13662 php{56,73,74,80}-drupal>=8<8.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13664 php{56,73,74,80}-drupal>=8<8.9.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13665 php{56,73,74,80}-drupal>=7<7.73 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666 php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666 elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22135 elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22137 exiv2<0.27.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29623 hivex<1.3.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3504 libaom<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30473 libcares<1.17.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-14354 libexosip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32611 libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3537 mapserver<7.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32062 matrix-synapse<1.33.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29471 mutt>=1.11.0<2.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055 neomutt>=20191025<20210504 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055 nim<1.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-29495 openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27823 openjpeg<2.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27824 openscad<2021.01 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28600 php{56,73,74,80}-piwigo<11.5.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32615 prosody<0.11.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32917 prosody<0.11.9 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32918 prosody<0.11.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32919 prosody<0.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32920 prosody<0.11.9 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32921 py{36,37,38,39}-django>=2.2<2.2.21 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542 py{36,37,38,39}-django>=3<3.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542 py39-django>=2.2<2.2.22 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052 py39-django>=3<3.2.2 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052 py{27,36,37,38,39}-flask-caching-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33026 py{27,36,37,38,39}-impacket-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31800 py{27,36,37,38,39}-octoprint<1.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32560 py{27,36,37,38,39}-octoprint<1.6.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32561 pycharm-bin<2020.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30005 #python27-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 #python36-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 #python37-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 python38<3.8.12 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 python39<3.9.5 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 qemu<6.0.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-20181 qemu<6.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20221 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3507 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32613 raptor-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713 raptor2<2.0.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713 redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29477 redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29478 ruby{25,26,27,30}-puma<4.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29509 sabnzbd<3.2.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-29488 samba<4.14.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27840 samba<4.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20277 samba<4.14.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-20254 slurm-wlm<20.02.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31215 upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24119 xfce4-thunar<1.8.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32563 yara<4.0.4 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-3402 ansible<2.9.6 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-10729 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20178 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20191 binutils<2.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3549 dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32614 dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3548 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20445 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20446 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20448 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20450 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20451 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20453 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21041 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22015 ffmpeg4<4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22016 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22017 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22019 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22020 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22021 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22022 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22023 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22024 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22025 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22026 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22027 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22028 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22029 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22030 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22031 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22032 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22033 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22034 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24020 fig2dev-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3561 go115<1.15.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525 go116<1.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525 go115<1.15.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194 go116<1.16.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194 gupnp<1.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516 gupnp12<1.2.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516 isc-dhcpd<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217 isc-dhclient<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217 libX11<1.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31535 libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30498 libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30499 libvirt<6.2.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10701 libvirt<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3559 libytnef<2.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2009-3721 #modular-xorg-server-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-25697 Design limitation of X11 nss<3.55 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12403 pam-u2f<1.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-31924 glpi<9.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3486 pleaser<0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31153 pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31154 pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31155 podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30469 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30470 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30471 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30472 privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20209 putty<0.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33500 qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20196 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3527 ruby{25,26,27,30}-actionpack52<5.2.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 ruby{25,26,27,30}-actionpack60<6.0.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 ruby{25,26,27,30}-actionpack61<6.1.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28651 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28652 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28662 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31806 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31808 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30500 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30501 authelia<4.29.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32637 ettercap<0.7.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3843 gama<2.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18395 gdk-pixbuf2<2.42.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20240 libvirt<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14301 mariadb-server<10.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180 mariadb-server>=10.5<10.5.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180 openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25710 qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35504 qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35505 qemu<6.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35506 radsecproxy<1.9.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32642 rsync<3.2.3nb1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2020-14387 spice-server<0.14.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20201 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33620 zeromq<4.3.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20236 zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20237 dino<0.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33896 libgcrypt<1.9.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-33560 nginx<1.13.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20005 ntpsec-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22212 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23169 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23215 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26260 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26945 py{36,37,38,39}-django>=2.2<2.2.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203 py{36,37,38,39}-django>=3<3.2.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203 py{36,37,38,39}-django>=2.2<2.2.24 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571 py{36,37,38,39}-django>=3<3.2.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571 rabbitmq<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22116 wireshark<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22222 # rejected #ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3532 # rejected #ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3533 apache>=2.4.6<2.4.48 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17567 apache>=2.4.41<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13950 apache<2.4.48 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35452 apache<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-26690 apache<2.4.48 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26691 apache>=2.4.39<2.4.48 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-30641 curl<7.77.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22898 curl<7.77.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22901 php{56,73,74,80}-drupal>=7<7.72 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663 php{56,73,74,80}-drupal>=8<8.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663 php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13688 jetty<9.4.41 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28169 lrzip<0.640 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25467 lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27345 lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27347 opendmarc-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34555 php{56,72,73,74,80}-nextcloud<20.0.10 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22915 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-33829 ripgrep<13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3013 ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902 ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902 ruby{25,26,27,30}-actionpack61<6.1.3.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-22903 ruby{25,26,27,30}-actionpack52<5.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 squid4<4.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-31807 xscreensaver<5.45nb4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34557 py{27,36,37,38,39}-mpmath-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29063 thunderbird<78.9.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/ thunderbird<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/ firefox78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ mozjs78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ tor-browser<10.0.16 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ firefox<88 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/ thunderbird<78.8.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-17/ firefox<88.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/ thunderbird<78.10.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/ firefox<89 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/ firefox78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ mozjs78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ tor-browser<10.0.17 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ thunderbird<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/ # rejected #ImageMagick-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34183 ampache<4.4.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32644 djvulibre-lib-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-32490 djvulibre-lib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32491 djvulibre-lib-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32492 djvulibre-lib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32493 djvulibre-lib-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3500 jetty<9.4.41 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2021-34428 moodle-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21809 opengrok<1.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-2322 php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18670 php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18671 ruby{25,26,27,30}-bindata<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32823 dovecot<2.3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28200 dovecot<2.3.14.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29157 dovecot<2.3.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33515 postsrsd<1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35525 rabbitmq<3.8.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32718 rabbitmq<3.8.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32719 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21813 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21814 libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21815 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21816 libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21817 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21818 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21819 libredwg<0.10.1.2665 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21827 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21830 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21831 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21832 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21833 libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21834 libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21835 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21836 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21838 libredwg<0.10.1.2699 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21839 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21840 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21841 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21842 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21843 libredwg<0.10.1.2699 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-21844 libredwg<0.10.1.371 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23861 libredwg<0.12.3.4194 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36080 SOGo<2.4.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054 SOGo>=3<5.1.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054 apache>=2.4.47<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31618 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3468 cflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23856 djvulibre-lib<3.5.28 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3630 php{56,73,74,80}-drupal>=8<8.9.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13667 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32617 fluent-bit<1.8.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36088 htslib<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36403 jenkins<2.300 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21670 jenkins<2.300 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-21671 keystone-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-36404 keystone-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36405 kimageformats<5.83.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36083 libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25048 libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25049 mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-35197 mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36129 ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36082 py{36,37,38,39}-django>=3<3.2.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-35042 py{27,36,37,38,39}-urllib3<1.26.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33503 tesseract-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36081 tor<0.4.6.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34548 tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34549 tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34550 unrar<5.6.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20006 unrar<5.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-25018 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36400 py{27,36,37,38,39}-Flask-User-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23401 moodle<3.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14827 libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3518 websvn<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32305 mpv<0.33.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30145 openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25709 libxml2<2.9.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3517 rpm<4.16.1.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3421 prometheus<2.27.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29622 python36<3.6.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python37<3.7.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python38<3.8.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28906 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28904 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28903 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28902 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28905 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36332 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36331 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36330 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36329 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36328 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25014 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25013 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25012 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25011 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25010 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25009 libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3516 nginx<1.20.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-23017 xdg-utils-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27748 ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22036 ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22035 libjpeg-turbo<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17541 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22040 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22044 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22041 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22039 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22043 ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22038 ffmpeg4<4.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22037 ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22042 py{27,36,37,38,39}-Pillow<8.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-28676 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28678 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28677 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28675 py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25287 py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25288 qemu<6.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3546 qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3545 qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3544 qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27661 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3595 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3594 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3593 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3592 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35503 libraw<0.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24870 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22056 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22054 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22051 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22049 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22048 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22046 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12067 lrzsz-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10195 redis<6.2.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32625 ffmpeg4<4.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33815 vault<1.6.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32923 lasso<2.7.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-28091 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32244 putty<0.75 spoofing https://nvd.nist.gov/vuln/detail/CVE-2021-36367 php{56,72,73,74,80}-owncloud<10.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29659 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32657 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32656 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32655 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32653 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32654 gstreamer1<1.18.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3522 lz4<1.9.3nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3520 py{34,35,36,37,38,39}-websockets<9.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2021-33880 jdom-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33813 quassel-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-34825 mantis<2.25.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33557 zziplib<0.13.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18442 openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3598 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36217 libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3541 postgresql96<9.6.22 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql10<10.17 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql11<11.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql12<12.7 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql13<13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 libaom<3.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30474 xdg-utils<1.1.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2015-1877 fuse<2.9.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33805 py{36,37,38,39}-wagtail<2.12.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32681 ruby-addressable<2.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32740 go<1.0.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2666 fossil<2.15.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36377 libaom<3.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30475 file<5.02 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2009-0947 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32705 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32703 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32688 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32680 php{56,72,73,74,80}-nextcloud<21.0.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32678 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32679 prometheus<2.50.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 grafana<11 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373 apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373 apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374 apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374 apache-tomcat<8.5.65 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639 apache-tomcat>=9.0<9.0.45 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639 apache-tomcat<8.5.66 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640 apache-tomcat>=9.0<9.0.46 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640 apache-tomcat<8.5.67 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037 apache-tomcat>=9.0<9.0.47 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037 bat<0.18.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36753 exiv2<0.27.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19715 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19716 fail2ban<0.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32749 go115<1.15.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558 go116<1.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558 icinga2<2.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-32739 icinga2<2.12.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32743 icingaweb2<2.8.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-32746 icingaweb2<2.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32747 jasper<2.0.17 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-27845 jetty<9.4.43 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34429 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3530 mbedtls<2.26.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24119 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22885 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22886 nodejs<12.22.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918 nodejs>=14<14.17.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918 php{56,72,73,74,80}-nextcloud<21.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32725 php{56,72,73,74,80}-nextcloud<21.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-32726 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32734 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32741 py{27,36,37,38,39}-Pillow<8.3.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34552 quickjs<20200705 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22876 ruby26-base<2.6.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 ruby27-base<2.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 ruby30-base<3.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 eterm<0.9.6nb3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 mrxvt<0.5.4nb14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 rxvt<2.7.10nb9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 rxvt-unicode<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 wolfssl<4.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24116 varnish>=5.0<6.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36740 consul<1.10.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36213 consul<1.10.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32574 gthumb3<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36427 mbedtls<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36426 mbedtls<2.24.0 invalid-crl-checks https://nvd.nist.gov/vuln/detail/CVE-2020-36425 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36424 mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36421 mbedtls<2.23.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36423 mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36422 racket<8.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-32773 unicorn<1.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-36979 qpdf<10.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36978 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36977 libarchive<3.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36976 libsndfile<1.0.31nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3246 wireshark<3.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22235 unicorn-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36431 libass>=0.15<0.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36430 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36428 geckodriver<0.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15660 aspell-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25051 gdal-lib<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25050 gradle<7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32751 curl>=7.27<7.78 input-validation https://curl.se/docs/CVE-2021-22922.html wolfssl>=4.6<4.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-37155 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22150 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22148 mupdf<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19609 libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19498 matio<1.5.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19497 gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19488 gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19481 libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19499 mupdf<1.19.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-37220 redis<6.2.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32761 mysql-server>=5.7<5.7.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL mysql-server>=8.0<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL mysql-cluster<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL openjdk8<1.8.292 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA openjdk11<1.11.0.12 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA mosquitto>=1.6<2.0.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34431 mit-krb5<1.18.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-36222 ap{22,24}-auth-openidc<2.4.9 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-32786 ap{22,24}-auth-openidc<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32785 mongodb<4.2.10 inject-log-entries https://nvd.nist.gov/vuln/detail/CVE-2021-20333 elasticsearch<6.8.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22144 asterisk>=13.0<13.38.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=16.0<16.16.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=18.0<18.2.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=16.0<16.16.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html asterisk>=18.0<18.2.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html webkit-gtk<2.32.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0004.html ap24-auth-openidc<2.4.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-32791 ap24-auth-openidc<2.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32792 claws-mail<3.18.0 clickjacking https://nvd.nist.gov/vuln/detail/CVE-2021-37746 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31291 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31292 fetchmail<6.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36386 go115<1.15.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195 go116<1.16.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195 go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196 go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196 go115<1.15.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197 go116<1.16.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197 go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198 go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198 mosquitto<2.0.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34432 php{56,73,74,80}-pear<1.10.12nb5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32610 php{56,73,74,80}-concrete5-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36766 powerdns>=4.5.0<4.5.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36754 prosody>=0.11.0<0.11.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37601 py{27,36,37,38,39}-Glances<3.2.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-23418 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3673 ruby26-base<2.6.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby27-base<2.7.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby30-base<3.0.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby26-base<2.6.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 ruby27-base<2.7.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 ruby30-base<3.0.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25801 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25802 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25803 vlc<3.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25804 libfetch-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36159 courier-mta<1.1.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-38084 gd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38115 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38114 gpac<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22352 gpac<1.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24829 ruby{25,26,27,30}-redmine42<4.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37156 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3682 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36584 ffmpeg4<4.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-3566 curl>=7.33<7.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22926 curl>=7.7<7.78 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2021-22925 curl>=7.27<7.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22923 curl>=7.10.4<7.78 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22924 thunderbird<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/ tor-browser<10.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ firefox78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ mozjs78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ firefox<90 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/ firefox<89.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-27/ lynx<2.8.9.1nb5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38165 rust<1.53.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29922 gcpio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38185 go115-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923 go116-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923 libcares<1.17.2 invalid-validation https://c-ares.haxx.se/adv_20210810.html alpine<=2.24 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38370 exim4-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38371 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32815 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34334 exiv2<0.27.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-34335 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37615 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37616 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37618 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37619 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37620 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37621 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37622 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37623 ffmpeg4<4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21688 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21697 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21675 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21676 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21678 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21680 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21681 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21682 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21683 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21684 go115<1.15.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221 go116<1.16.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32437 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32438 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32439 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32440 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21677 perl>=5.32.0<5.34.0nb3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36770 php{56,72,73,74,80}-typo3<7.6.53 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32768 py{27,36,37,38,39}-notebook<6.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32798 qt5-qtbase<5.14.1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24741 qt5-qtbase<5.14.0 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24742 qt5-qtbase-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38593 trojita-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38372 tor<0.4.6.7 denial-of-service https://lists.torproject.org/pipermail/tor-announce/2021-August/000228.html ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38291 libspf2<1.2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20314 nodejs<12.22.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931 nodejs>=14<14.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931 nodejs<12.22.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939 nodejs>=14<14.17.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939 nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940 nodejs>=14<14.17.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32808 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32809 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-37695 vault<1.8.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-38553 vault<1.8.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38554 wolfssl<4.8.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-38597 firefox<91 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/ tor-browser<10.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/ firefox78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/ mozjs78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/ thunderbird<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-36/ firefox<91.01 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/ xmill-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21810 haproxy>=2.2<2.2.16 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.3<2.3.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.4<2.4.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.0<2.0.24 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21861 gpac-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21859 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21860 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21862 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21858 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21857 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21855 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21856 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21854 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21853 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21852 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21851 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21847 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21846 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21845 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21844 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21839 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21843 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21838 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21837 apache-roller<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33580 bind>=9.16<9.16.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25218 xmill-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21825 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21828 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21827 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21826 icinga2<2.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37698 ruby{25,26,27}-nexpose<6.6.96 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31868 apr>=1.7.0<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-35940 exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18899 exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18898 libgda-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39359 libgfbgraph-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39358 grilo<0.3.14 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39365 mbedtls<2.25.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36478 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36477 mbedtls<2.24.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36476 mbedtls<2.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36475 mit-krb5<1.18.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-37750 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38171 # not reproducible? https://github.com/Exiv2/exiv2/issues/759 #exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18774 # not reproducible? https://github.com/Exiv2/exiv2/issues/760 #exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18773 exiv2<0.27.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18771 plib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38714 sqlite3<3.36.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36690 knot<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40083 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 diylc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 clion-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 intellij-ce-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 intellij-ue-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 phpstorm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 pycharm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 rubymine-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 aipo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 openssl>=1.1<1.1.1l buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3711 openssl<1.1.1l denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3712 php{56,73,74,80}-basercms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39136 qemu<6.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3713 openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3605 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21850 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21849 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21848 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21842 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21841 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21840 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21836 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21835 tcpreplay<4.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18976 nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18974 podofo<0.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-18972 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21834 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18971 squashfs<4.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-40153 cacti<1.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-23226 py{27,34,35,36,37,38,39}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-19002 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 fetchmail<6.4.22 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-39272 tor>=0.4.6<0.4.6.7 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385 tor<0.4.5.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385 mc<4.8.27 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36370 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35634 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35633 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35635 git-base<2.30.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40330 mosquitto-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34434 matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39164 matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39163 libssh<0.9.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3634 xmill-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-21811 cyrus-imapd<2.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582 cyrus-imapd>=3.0<3.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 inetutils<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40491 py{27,34,35,36,37,38,39}-Pillow<8.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23437 ap{22,24}-auth-openidc<2.4.9.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-39191 pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40524 weechat<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40516 botan-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40529 consul<1.8.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-37219 consul<1.8.15 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38698 cryptopp-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40530 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33285 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33286 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33287 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33289 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35266 fuse-ntfs-3g<2021.8.22 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35267 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35268 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35269 fuse-ntfs-3g<2021.8.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39251 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39252 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39253 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39254 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39255 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39256 fuse-ntfs-3g<2021.8.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39257 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39258 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39259 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39260 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39261 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39262 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39263 libgcrypt<1.9.4 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40528 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35947 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35949 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19131 vim<8.2.3402 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3770 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35946 php{56,72,73,74,80}-owncloud<10.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-35948 php{56,72,73,74,80}-nextcloud<22.1.0 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32802 php{56,72,73,74,80}-nextcloud<22.1.0 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-32801 php{56,72,73,74,80}-nextcloud<22.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32800 gifsicle<1.93 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-19752 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19751 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19750 salt<3003.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22004 salt<3003.3 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21996 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19144 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19143 wordpress>=5.0<5.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39201 wordpress>=5.2<5.8.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39200 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33366 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33364 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33362 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32137 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32136 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32135 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32134 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32132 squashfs-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41072 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33365 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33363 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32138 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32139 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33361 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21050 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21049 libsixel<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21048 gd<2.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40812 ImageMagick<7.1.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-39212 glpi>=9.2<9.5.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39211 glpi>=9.1<9.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39213 glpi<9.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39210 glpi<9.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39209 vim<8.2.3428 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3796 vim<8.2.3409 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3778 elasticsearch<7.14.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22147 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21535 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21534 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21533 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21532 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21531 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21530 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21529 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21606 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21605 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21602 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21604 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21603 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21601 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21600 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21597 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21599 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21598 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21596 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21595 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21594 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 apache-tomcat>=8.5<8.5.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079 apache-tomcat>=9.0<9.0.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079 apache<2.4.49 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-40438 apache<2.4.49 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39275 mitmproxy<7.0.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-39214 apache<2.4.49 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-34798 apache>=2.4.30<2.4.49 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36160 libsixel<1.8.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21548 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21547 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39598 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39597 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39595 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39596 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39594 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39593 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39592 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39591 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39585 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39588 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39590 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39583 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39589 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39579 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39587 swftools-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39582 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39584 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39577 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39574 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39575 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39569 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39562 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39564 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39561 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39563 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39553 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39559 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39558 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39557 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39555 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39556 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39554 ncurses<6.2nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39537 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39530 libredwg<0.10.1.3768 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-39528 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39527 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39525 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39522 libredwg<0.10.1.3768 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39523 libredwg<0.10.1.3773 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39521 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38094 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38093 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38092 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38091 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38089 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38090 libgig-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32294 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32278 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32277 fig2dev<3.2.7b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32280 faad2<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32276 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32273 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32274 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32272 gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32271 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32270 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32269 gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32268 icu<67.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21913 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20901 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20900 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20899 ffmpeg4-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-20902 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20897 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20898 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20896 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20895 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20894 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20893 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20891 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20892 #redis-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21468 Disputed, see https://github.com/redis/redis/issues/6633 #openssh-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-20012 Documented configuration setting tcpreplay<4.3.3 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23273 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23269 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23266 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23267 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22953 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22950 php{56,73,74,80}-concrete5<8.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22949 elvish<0.14.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41088 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40100 php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2021-40102 php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40099 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40109 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40108 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40106 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40105 php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-40103 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40104 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40098 php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40097 py{27,34,35,36,37,38,39}-nltk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3828 py{27,34,35,36,37,38,39}-inflect-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3820 ruby{25,26,27}-nokogiri<1.12.5 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-41098 ansible-base<2.12.0nb1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3583 curl>=7.73.0<7.79.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-22945 libressl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41581 #tor-browser-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 The logging is by tor, not tor-browser tor-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 openssh>=6.2<8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41617 apache>=2.4.49<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41524 apache>=2.4.49<2.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-41773 apache>=2.4.49<2.4.51 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-42013 ardour<6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-22617 curl<7.79.0 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-22946 curl<7.79.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22947 grafana<8.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39226 hiredis<1.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32765 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42040 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42041 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42043 nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930 nodejs>=14<14.17.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930 gajim<1.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41055 libreoffice<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25633 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41798 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41799 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41800 php>=7.3<7.3.31 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php>=7.4<7.4.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php>=8.0<8.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php{56,73,74,80}-concrete5<8.5.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22958 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41461 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41462 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41465 postgresql96-server<9.6.22 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql10-server<10.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 py{36,37,38,39,310}-scrapy<2.5.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41125 redis<6.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32626 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32627 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32628 redis<6.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32672 redis<6.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32675 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32687 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32762 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41099 vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41802 vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42135 tinyxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42260 ruby{25,26,27,30}-redmine41<4.1.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326 ruby{25,26,27,30}-redmine42<4.2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326 ruby{25,26,27,30}-puma<4.3.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136 ruby{25,26,27,30}-puma>=5<5.5.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136 heimdal<7.7.0nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3671 libreoffice>=7.0<7.0.6 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634 libreoffice>=7.1<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22679 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22678 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22677 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22675 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22673 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22674 apache-tomcat>=9.0.40<9.0.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340 apache-tomcat>=8.5.60<8.5.71 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340 couchdb<3.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-38295 vim<8.2.3489 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3875 rt4<4.2.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38562 freeswitch<1.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36513 go116<1.16.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297 go117<1.17.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297 ruby{25,26,27,30}-actionpack60<6.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942 ruby{25,26,27,30}-actionpack61<6.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942 mysql-client>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-cluster>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-server>=5.7<5.7.36 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-server>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL openjdk8<1.8.302 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550 openjdk11<1.11.0.13 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550 freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41159 freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41160 mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42096 mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42097 php56-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php71-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php72-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php73-fpm<7.3.31 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php74-fpm<7.4.25 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php80-fpm<8.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 py{27,36,37,38,39}-babel<2.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-42771 qutebrowser<2.4.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41146 vim<8.2.3487 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3872 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 websvn-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-2195 libmysofa<1.2.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3756 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4126 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4124 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4125 vim<8.2.3564 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3903 firefox<92 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/ firefox78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ tor-browser<10.5.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ mozjs78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ firefox91<91.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-40/ thunderbird<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/ firefox<93 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/ tor-browser<10.5.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ firefox78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ mozjs78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ firefox91<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/ jenkins<2.303.2 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2021-11-04/ bind>=9.16<9.16.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25219 htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40985 grafana>=8.0.0<8.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41174 libxls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27836 libheif<1.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23109 cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-43398 vim<8.2.3581 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3928 vim<8.2.3582 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3927 go116<1.16.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772 go117<1.17.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772 go116<1.16.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771 go117<1.17.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771 speex<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23903 belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43611 belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43610 mailman<2.1.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43331 mailman<2.1.36 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-43332 cacti<1.2.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14424 grafana>=8<8.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41244 puppet<7.12.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27025 puppet<7.12.1 possible-data-leak https://nvd.nist.gov/vuln/detail/CVE-2021-27023 wireshark>=3.4<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39920 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39928 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39929 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39926 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39925 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39924 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39923 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39922 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39921 py{27,36,37,38,39}-pip<21.1 data-manipulation https://nvd.nist.gov/vuln/detail/CVE-2021-3572 gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33481 gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33480 gocr-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33479 php{56,72,73,74,80}-roundcube<1.4.12 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-44026 php{56,72,73,74,80}-roundcube<1.4.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44025 vim<8.2.3612 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3974 vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3973 vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3968 gmp<6.2.1nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43618 ImageMagick<7.1.0-14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3962 quagga<1.2.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44038 librecad-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21900 librecad-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21899 librecad-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-21898 pgbouncer<1.16.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-3935 isync-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44143 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23906 json-schema<0.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3918 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41165 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41164 gerbv-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40391 npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43616 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560 moodle<3.9.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943 moodle>=3.10<3.10.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558 lua51-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua52-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua53<5.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua54<5.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 matrix-synapse<1.47.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41281 libcares<1.17.2 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2021-3672 wordpress<5.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44223 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41279 php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41243 flif<0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232 libaom<3.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36129 libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36130 libaom<2.1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36131 libaom<3.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36133 libaom<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36134 libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36135 mailman<2.1.38 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44227 mosquitto<2.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41039 php{56,73,74,80}-concrete5<8.5.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40101 vault<1.8.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43998 vim<8.2.3625 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3984 vim<8.2.3669 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4019 binutils<2.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-37322 php>=7.3<7.3.33 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 php>=7.4<7.4.26 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 php>=8.0<8.0.13 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 grafana>=8.0<8.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.1<8.1.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.2<8.2.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.3<8.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 php-7.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal-8.[0-9]* eol https://www.drupal.org/psa-2021-11-30 thunderbird<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/ firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/ firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/ firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/ firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/ thunderbird<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-50/ firefox<95 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/ firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/ firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-53/ thunderbird<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/ ruby{25,26,27,30}-bundler<2.2.33 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43809 php{56,73,74,80}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40313 calibre<5.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44686 tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44513 tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44512 grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813 grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813 vim<8.2.3741 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4069 grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815 grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815 nss<3.73 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-43527 py{36,37,38,39,310}-django>=2.2<2.2.25 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{36,37,38,39,310}-django>=3.1<3.1.14 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{36,37,38,39,310}-django>=3.2<3.2.10 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{27,36,37,38,39,310}-lxml<4.6.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43818 webkit-gtk<2.32.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0005.html webkit-gtk<2.34.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0006.html webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0007.html teeworlds-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43518 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40882 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45088 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45086 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45087 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45085 vault>=1.4.0<1.9.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45042 p5-CPAN-Checksums-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16155 p5-App-cpanminus-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16154 perl<5.35.7 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16156 binutils<2.37nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45078 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858 py{27,34,35,36,37,38,39,310}-numpy<1.23.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41496 py{27,34,35,36,37,38,39,310}-numpy<1.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34141 py{27,34,35,36,37,38,39,310}-numpy<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41495 py{27,34,35,36,37,38,39,310}-numpy<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33430 vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858 vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136 mbedtls>=2<2.28.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-44732 apache<2.4.52 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44790 apache>=2.4.7<2.4.52 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44224 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4011 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4010 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4009 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4008 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45292 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45289 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45288 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45291 binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45293 binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45290 mbedtls<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45451 mbedtls<2.28.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45450 assimp<5.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45948 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45951 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45952 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45953 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45954 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45955 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45956 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45957 e2guardian-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44273 expat<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45960 gdallib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45943 gegl<0.4.34 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-45463 gerbv<2.8.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40393 gerbv<2.8.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40394 ghostscript-agpl<9.54 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-45944 ghostscript-agpl<9.55.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45949 giftrans-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45972 gnuplot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44917 go116<1.16.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716 go117<1.17.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716 go116<1.16.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717 go117<1.17.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44918 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44919 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44920 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44921 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44922 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44923 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-44924 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44925 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44926 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44927 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45258 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45259 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45260 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45262 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45263 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45266 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45267 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45297 harfbuzz<2.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45931 libredwg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45950 mongodb<4.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20330 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45256 nasm-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45257 openexr<3.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45942 patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45261 py{27,36,37,38,39,310}-celery<5.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-23727 py{27,36,37,38,39,310}-nltk<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43854 py{27,36,37,38,39,310}-ujson-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45958 qt5-qtsvg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930 qt6-qtsvg<6.2.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930 ruby26-base<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby27-base<2.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby30-base<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby26-base<2.6.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 ruby27-base<2.7.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 ruby30-base<3.0.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 unicorn<2.0.0rc5 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44078 vim<8.2.3884 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4166 vim<8.2.3902 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4173 vim<8.2.3923 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4187 vim<8.2.3949 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4192 vim<8.2.3950 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4193 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4181 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4182 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4183 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4184 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4185 wireshark<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4186 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4190 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45829 py{27,36,37,38,39,310}-nltk<3.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3842 tcpslice<1.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41043 php{56,72,73,74,80}-roundcube<1.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46144 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46143 uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46142 uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46141 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46038 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45832 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45833 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-45831 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45830 lighttpd>=1.4.46<1.4.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22707 vim<8.2.4009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0128 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44591 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44590 wordpress<5.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21664 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21662 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46044 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21663 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21661 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46043 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46042 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46041 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46040 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46039 kubectl<1.26.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25743 py{36,37,38,39,310}-django>=2.2<2.2.26 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=3.2<3.2.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=4<4.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=2.2<2.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=3.2<3.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=4<2.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=2.2<2.2.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{36,37,38,39,310}-django>=3.2<3.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{36,37,38,39,310}-django>=4<4.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 tiff<4.3.0nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-22844 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22827 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22826 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22825 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22824 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22823 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22822 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22817 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22816 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-22815 vim<8.2.4049 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0158 vim<8.2.4040 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0156 mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46150 mediawiki<1.36.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46149 mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46147 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-46148 mediawikit<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46146 vim<8.2.3883 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46059 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46051 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46049 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46047 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46045 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46046 htmldoc<1.9.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-43579 ruby{25,26,27,30}-actionpack60<6.0.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528 ruby{25,26,27,30}-actionpack61<6.1.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528 phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0157 clamav<0.103.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20698 fig2dev<3.2.8b double-free https://nvd.nist.gov/vuln/detail/CVE-2021-37529 fig2dev<3.2.8b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37530 gdk-pixbuf2<2.42.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44648 gpac<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25427 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36412 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36414 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36417 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40559 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40562 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40563 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40564 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40565 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40566 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40567 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40568 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40569 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40570 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40571 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40572 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40573 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40574 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40575 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40576 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45760 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45762 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45763 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45764 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45767 guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41767 guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43999 jenkins<2.330 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-20612 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35452 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36408 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36409 libde265<1.0.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36410 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36411 lua54<5.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44647 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46048 binaryen-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46050 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46052 binaryen-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46053 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46054 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46055 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0196 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0197 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0238 radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0173 samba<4.13.16 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-43566 spin-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-46168 vim<8.2.4074 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0213 wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23303 wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23304 zabbix<5.4.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23131 zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23132 zabbix<5.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23133 zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23134 webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0001.html polkit<0.120nb2 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-4034 mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL mysql-server>=5.7<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL openjdk8<1.8.313 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk11<1.11.0.14 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA apache-tomcat<8.5.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181 apache-tomcat>=9<9.0.58 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-23225 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26247 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3816 duktape-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46322 expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23852 expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23990 gcc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46195 go116<1.16.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293 go117<1.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46234 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46236 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46237 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46238 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46239 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46240 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46311 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46313 grafana<8.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-21673 hdf5-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46242 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46243 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46244 ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19860 ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19861 librecad-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45341 librecad-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45342 librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45343 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45340 libspf2<1.2.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33912 mariadb-server>=10.4<10.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.5<10.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.6<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.4<10.4.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.5<10.5.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.6<10.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 moodle<3.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0332 moodle<3.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-0333 moodle<3.11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0334 moodle<3.11.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0335 py{36,37,38,39,310}-wagtail<2.15.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21683 vim<8.2.4120 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0261 wolfssl>=5<5.1.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23408 py{36,37,38,39,310}-loguru<0.6.0 remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0329 vim<8.2.4151 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0318 php{56,70,71,72,73,74,80}-phpmyadmin<4.9.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23807 xerces-j<2.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23437 vim<8.2.4206 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-0351 vim<8.2.4217 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0368 vim<8.2.4215 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0361 vim<8.2.4214 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0359 vim<8.2.4233 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0393 vim<8.2.4218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0392 vim<8.2.4253 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0413 vim<8.2.4247 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0408 vim<8.2.4219 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0407 vim<8.2.4245 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0417 rust>=1<1.58.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-21658 p5-Image-ExifTool<12.38 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23935 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 varnish>=6.0<6.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959 varnish>=7.0<7.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959 qemu<6.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4145 protobuf<3.15.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-22570 tightvnc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23967 glpi<9.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-21720 glpi<9.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21719 php{56,73,74,80}-piwigo<2.8.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-3735 xterm<370 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24130 py{27,34,35,36,37,38,39,310}-treq<22.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23607 h2o-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-43848 zabbix-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-46088 minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24301 minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24300 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26208 vim<8.2.4281 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0443 py{36,37,38,39,310}-django>=2.2<2.2.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=3.2<3.2.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=4.0<4.0.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=2.2<2.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{36,37,38,39,310}-django>=3.2<3.2.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{36,37,38,39,310}-django>=4.0<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{27,36,37,38,39,310}-ipython>=6.0.0<7.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 py{27,36,37,38,39,310}-ipython>=7.17.0<7.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 py{27,36,37,38,39,310}-ipython>=8.0.0<8.0.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 mariadb-server>=10.6<10.6.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.5<10.5.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.4<10.4.25 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 openssl>=1.1.1<1.1.1m unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2021-4160 mariadb-server<10.4.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server>=10.5.0<10.5.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server>=10.6.0<10.6.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server<10.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 mariadb-server>=10.5.0<10.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 mariadb-server>=10.6.0<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24249 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4043 gerbv-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40403 gerbv-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-40401 mongodb<4.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32036 apache-cassandra<3.0.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44521 atheme<7.2.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24976 drupal<9.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13668 drupal<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13669 drupal<9.0.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13670 drupal<9.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13672 drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13675 drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13677 gitea<1.7.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45325 gitea<1.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45326 gitea<1.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45327 gitea<1.4.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-45328 gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45329 gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45330 gitea<1.5.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45331 go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772 go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772 go116<1.16.14 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773 go117<1.17.7 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773 go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806 go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806 gradle<7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23630 grafana<8.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21702 grafana<8.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-21703 grafana<8.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21713 htmldoc<1.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0534 jenkins<2.334 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0538 kate<21.12.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23853 # "can't be fixed" according to https://bugzilla.redhat.com/show_bug.cgi?id=2054686 #git-base-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24975 php{56,73,74,80,81}-concrete5<9.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22954 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45357 py{27,36,37,38,39,310}-twisted<22.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21712 python36<3.6.14 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python37<3.7.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python38<3.8.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python39<3.9.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python310<3.10.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 radare2<5.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0139 radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0519 radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0521 ruby{25,26,27,30,31}-actionpack60<6.0.4.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby{25,26,27,30,31}-actionpack61<6.1.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby{25,26,27,30,31}-actionpack70<7.0.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby27-base<2.7.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816 ruby30-base<3.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816 ruby{25,26,27,30,31}-puma<5.2.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23634 tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45386 tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45387 tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0561 tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0562 unzip<6.0nb10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-0529 unzip<6.0nb10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0530 vim<8.2.4327 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0554 ImageMagick<7.0.10.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3596 ImageMagick<7.0.11.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3610 blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544 blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544 blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545 blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545 blender<3.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0546 consul<1.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24687 cyrus-sasl<2.1.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24407 drupal<9.2.16 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25271 expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25235 expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25236 expat<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25313 expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25314 expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25315 ghostscript-agpl<9.55.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3781 htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26252 isync<1.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3578 isync<1.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3657 kcron<21.12.3 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2022-24986 vim<8.2.4359 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0572 phoronix-test-suite<10.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0571 zsh<5.8.1 archive-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45444 wireshark<3.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-0586 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0583 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0582 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0581 radare2<5.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0559 qt5>=5.9<5.15.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25255 pcf2bdf<1.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23319 pcf2bdf<1.07 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23318 vim<8.2.4397 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0629 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0585 swtpm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-23645 libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-46700 vim<8.2.4418 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0685 vim<8.2.4428 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0696 radare2<5.6.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0712 vim<8.2.4436 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0714 radare2<5.6.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0713 vim<8.2.4440 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0729 radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0476 wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25640 wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25638 radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0695 radare2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4021 libxml2<2.9.13 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-23308 lepton-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26181 polkit<0.119 local-root-exploit https://nvd.nist.gov/vuln/detail/CVE-2021-3560 qemu<6.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3947 qemu<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3930 polkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4115 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24620 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3608 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3607 qt5<5.15.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25634 webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0829 webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0824 haproxy-[0-9]* http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-0711 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23206 htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23191 htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23180 htmldoc<1.9.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-26948 htmldoc<1.9.12 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26259 liquibase<4.8.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-0839 radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0849 cmark-gfm<0.29.0.gfm.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24724 cacti-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0730 py{27,36,37,38,39,310}-twisted<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-21716 qemu<7.2.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3638 openjpeg<2.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3575 openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20303 openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20300 openexr<2.5.4 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-20302 samba>=4.0<4.13.14 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.14<4.14.10 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.15<4.15.2 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.0<4.13.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.14<4.14.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.15<4.15.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.0<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba<4.13.17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba>=4.14<4.14.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba>=4.15<4.15.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba<4.15.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44141 samba>=4.0<4.13.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.14<4.14.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.15<4.15.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.10<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 go116<1.16.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921 go117<1.17.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921 mediawiki<1.23.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0371 libreoffice>=7.2<7.2.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25636 py{36,37,38,39,310}-scrapy<2.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0577 libtpms<0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3623 ansible-base<2.9.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3620 python36<3.6.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python37<3.7.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python38<3.8.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python39<3.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 sqlite3>=3.35.1<3.38.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-45346 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531 php>=7.4<7.4.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 php>=8.0<8.0.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 php>=8.1<8.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 postgresql11-server<11.13 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql12-server<12.8 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql13-server<13.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql96-server<9.6.24 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql10-server<10.19 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql11-server<11.14 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql12-server<12.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql13-server<13.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql14-server<14.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 nginx<1.20.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 nginx>=1.21<1.21.6nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 njs<0.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 nginx<1.20.2nb2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 nginx>=1.21<1.21.6nb1 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 njs<0.7.2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 nginx<1.20.2nb2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 nginx>=1.21<1.21.6nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 njs<0.7.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 nginx<1.20.2nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 nginx>=1.21<1.21.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 njs<0.7.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 mupdf<1.20.0nb2 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45005 bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24756 bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24755 py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0430 openssl<1.1.1n denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0778 gitea<1.13.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29134 vim<8.2.4563 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0943 qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26354 qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26353 htmldoc<1.9.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-23158 openexr<3.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-20299 ansible-base<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20180 qemu<6.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-20257 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 minidlna<1.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26505 py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24737 php{56,71,72,73,74,80}-nextcloud>=20<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 icingaweb2<2.9.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24716 icingaweb2<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24714 icingaweb2<2.8.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24715 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24919 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24917 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24918 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24349 gitea<1.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0905 libcaca-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0856 php{56,70,71,72,73,74,80}-phpmyadmin<4.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0813 keepass-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0725 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-34342 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34341 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34340 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34339 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34338 libpano13-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33293 libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2020-36123 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26967 gpac<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24578 gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24577 gpac<2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24576 gpac<2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24575 gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24574 apache<2.4.53 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23943 apache<2.4.53 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-22720 apache<2.4.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22721 apache<2.4.53 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22719 mutt<2.2.3 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-1328 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32162 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32161 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32160 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32159 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32158 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32157 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32156 vim<8.2.4647 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1160 vim<8.2.4646 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1154 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27942 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27941 tcpreplay-[0-9]* arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2022-27939 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27940 tcpreplay<4.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-27416 tcpreplay<4.4.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27418 salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22941 salt<3004.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-22936 salt<3004.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-22935 salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22934 moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32478 moodle<3.10.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32476 moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32475 moodle<3.10.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32474 moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32473 moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32472 moodle<3.10.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32477 radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1031 radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1061 radare2<5.6.6 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1052 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1207 radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1244 radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1238 radare2<5.8.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1240 radare2<5.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1237 radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1284 radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1283 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1296 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1297 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27938 libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27046 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27044 libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41715 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40656 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1035 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-1222 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27148 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27147 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27146 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27145 php{56,72,73,74,80}-orangehrm<4.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-27107 php{56,72,73,74,80}-orangehrm<4.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27108 jhead<3.06.0.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28278 jhead<3.06.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28277 jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28276 jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28275 abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32436 abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32435 abcm2ps<8.14.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32434 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28209 mediawiki<1.37.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-28202 tiff<4.4.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0891 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0865 tiff<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0924 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0908 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0909 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0907 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1056 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1210 gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40402 gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40400 openexr<3.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3941 openexr<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3933 py{27,34,35,36,37,38,39,310}-tryton<6.2.6 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-26661 wavpack-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44269 grub2-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3981 horde<2.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26874 fish<3.4.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-20001 lua54<5.4.4 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44964 py{27,34,35,36,37,38,39,310}-paramiko<2.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24302 openvpn<2.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0547 mitmproxy<8.0.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24766 bind>=9.16.11<9.16.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0396 libsndfile<1.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4156 qemu<6.2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3748 gitea<1.16.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-1058 mbedtls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43666 libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0897 libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4147 qemu<2.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3582 caribou<0.4.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3567 zlib<1.2.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-25032 py{27,34,35,36,37,38,39,310}-Pillow<9.0.1 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2022-24303 lrzip<0.650 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-26291 re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23901 openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1122 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28205 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28206 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1172 ruby{25,26,27,30,31}-puma<5.6.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24790 py{27,36,37,38,39,310}-notebook<6.4.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24758 SDL2<2.0.20 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33657 weechat<3.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-28352 py{27,36,37,38,39,310}-twisted<22.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24801 htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24191 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24729 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24728 mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26144 mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43257 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1253 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40426 njs<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27008 njs<0.7.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27007 mutt<2.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328 subversion-base<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544 ap24-subversion<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544 lua54<5.4.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28805 e2fsprogs-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1304 go116-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191 mariadb-server>=10.6<10.6.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.5<10.5.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.4<10.4.25 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 subversion-base<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070 ap24-subversion<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070 mongodb<4.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32040 asterisk16<16.25.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk18<18.11.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk19<19.3.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk16<16.25.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk18<18.11.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk19<19.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk16<16.25.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 asterisk18<18.11.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 asterisk18<19.3.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud<21.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 ImageMagick<6.9.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219 ImageMagick>=7.1<7.1.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219 php{56,72,73,74,80}-composer<2.2.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24828 xenkernel411-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 xenkernel415<4.15.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 njs<0.7.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-28049 php{56,73,74,80,81}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26267 php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26266 powerdns<4.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227 powerdns-recursor<4.4.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227 ruby{25,26,27,30,31}-nokogiri<1.13.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-24836 # affects ghostpcl, not part of standard ghostscript, see e.g. https://ubuntu.com/security/CVE-2022-1350 #ghostscript-agpl-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-1350 neomutt<20220415 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328 php{56,73,74,80,81}-memcached<2.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26635 grafana<8.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24812 grafana<7.3.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26148 libarchive<3.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-26280 py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 ruby{25,26,27,30,31}-yajl<1.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24795 bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220 bind>=9.16<9.16.27 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220 python37<3.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python39<3.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python39<3.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python37<3.7.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python38<3.8.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python39<3.9.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python310<3.10.8 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1382 radare2<5.6.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1383 vim<8.2.4763 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1381 bwm-ng<0.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1341 py{27,36,37,38,39,310}-PDF2<1.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24859 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42782 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42781 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42780 opensc<0.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42779 opensc<0.22.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42778 dcraw-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3624 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27406 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27405 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27404 radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1437 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1444 radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1452 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1451 glpi<10.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24869 glpi<10.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24868 glpi<10.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24867 zoneminder-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29806 vim<8.2.4774 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1420 pam-tacplus<1.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2016-20014 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29537 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1441 epiphany<41.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29536 xpdf-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27135 giflib<5.2.1nb5 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28506 mysql-cluster<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL openjdk8<1.8.322 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA openjdk11<11.0.15 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24883 freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24882 couchdb<3.2.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24706 htmldoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28085 consul<1.9.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29153 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327 go117<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327 go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27536 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675 go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675 ncurses<6.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059 redis<6.2.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24736 redis<6.2.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24735 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888 pycharm-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29820 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29819 intellij-ue-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29818 intellij-ue-bin<2022.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29817 intellij-ue-bin<2022.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29816 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29815 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29814 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29813 intellij-ue-bin<2022.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29812 py{27,36,37,38,39,310}-httpx-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41945 podman<3.4.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1227 ImageMagick>=7.1<7.1.0.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1114 moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0985 moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0984 qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4207 qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4206 mediawiki<1.36.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28323 prosody<0.11.12 denial-of-service https://prosody.im/security/advisory_20220113/ radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1649 vim<8.2.4925 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1629 vim<8.2.4919 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1621 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29977 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1623 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1622 qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3611 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34085 njs<0.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29369 vim<8.2.4938 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1674 radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1714 webmin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30708 unrar<6.1.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-30333 janet<1.22.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30763 gitea<1.6.7 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30781 xpdf-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-30775 u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30767 apache-tomcat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29885 apache-tomcat>=9.0<9.0.21 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762 apache-tomcat>=8.5<8.5.76 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762 gitea<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313 gtk+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gtk2+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt4-libs-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick6<6.9.12.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463 ImageMagick<7.1.0.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463 ImageMagick6<6.9.12.43 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545 ImageMagick<7.1.0.28 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545 ImageMagick6<6.9.12.44 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546 ImageMagick<7.1.0.29 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546 ImageMagick<7.1.0.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547 ImageMagick6<6.9.12.45 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547 SDL2_ttf<2.20.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27470 admesh-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-25033 apache-maven<3.8.3 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29599 apache-tomcat>=8.5<8.5.82 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305 apache-tomcat>=9.0<9.0.65 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305 apache<2.4.54 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-26377 apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28614 apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28615 apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29404 apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30522 apache<2.4.54 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30556 apache<2.4.54 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31813 caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-29718 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20770 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20771 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20785 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20796 curl<7.83.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22576 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27774 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27775 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27776 curl<7.83.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-27778 curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27779 curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27780 curl<7.83.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27781 curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27782 curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30115 dpkg<1.21.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-1664 elasticsearch<7.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23712 electrum<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31246 ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30045 webkit-gtk<2.34.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0002.html webkit-gtk<2.34.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0003.html webkit-gtk<2.36.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0004.html webkit-gtk<2.36.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0005.html ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125002 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125003 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125004 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125005 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125006 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125007 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125008 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125009 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125010 ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125011 ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125012 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125013 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125014 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125015 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125016 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125017 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125018 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125019 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125020 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125021 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125022 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125023 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125024 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125025 ffmpeg4<4.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475 ffmpeg5<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475 ghostscript-agpl<9.56.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2085 giflib-util-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40633 gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30067 gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32990 gitea<1.16.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1928 gitea<1.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313 go117<1.17.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526 go118<1.18.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40592 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41458 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1795 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29339 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29340 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30976 halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42612 halibut<1.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42613 halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42614 harfbuzz<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33068 htmldoc<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27114 inkscape<1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-42700 inkscape<1.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42702 inkscape<1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-42704 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34170 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34171 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34172 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34173 jenkins<2.346.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2022-34174 jenkins<2.346.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34175 knot<5.5.1 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-32983 libdwarf<0.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32200 libdwarf<0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34299 libjpeg-turbo<2.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46822 libntfs<2022.5.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30783 libntfs<2022.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30784 libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30785 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30786 libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30787 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30788 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30789 libredwg-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33034 libxml2<2.9.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29824 lighttpd<1.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30780 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33067 mantis<2.25.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-33910 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.6<10.6.66 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 matio<1.5.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1515 moodle<4.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30596 moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30597 moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30598 moodle<4.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30600 mupdf<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974 mupdf<1.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29779 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29780 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30503 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31306 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31307 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32414 nuitka<0.9 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2054 openldap<2.6.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29155 openssl<1.1.1o shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-1292 openssl>=3.0.0<3.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-1343 openssl>=3.0.0<3.0.3 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-1434 openssl>=3.0.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1473 openssl<1.1.1p shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2068 pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1586 pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1587 php{56,73,74,80,81}-concrete5<9.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21829 php{56,73,74,80,81}-concrete5<9.1.0 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2022-30117 glpi<10.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24876 glpi<10.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29250 php74-mysql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php80-mysql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php81-mysql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php{56,74,80,81}-nextcloud<23.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29163 php{56,74,80,81}-nextcloud<23.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29243 php{56,74,80,81}-owncloud<10.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31649 php74-pgsql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php80-pgsql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php81-pgsql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19212 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19213 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19215 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40317 php{56,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40678 pidgin<2.14.9 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-26491 poppler<22.04.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27337 protobuf-c<=1.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33070 py{27,36,37,38,39,310}-JWT<2.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29217 py{27,36,37,38,39,310}-Pillow<9.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30595 py{27,36,37,38,39,310}-aiohttp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33124 py{27,36,37,38,39,310}-bottle<0.12.20 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-31799 py{27,36,37,38,39,310}-cookiecutter<2.1.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24065 py{27,36,37,38,39,310}-flower-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30034 py{27,36,37,38,39,310}-ldap3<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46823 py{27,36,37,38,39,310}-notebook<6.4.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29238 py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1430 py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1432 py{27,36,37,38,39,310}-waitress>=2.1.0<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31015 qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3750 radare2<5.5.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44974 radare2<5.5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44975 radare2<5.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1809 radare2<5.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1899 redis<7.0.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33105 rsyslog<8.2204.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24903 ruby{26,27,30,31}-actionpack52-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-actionpack60<6.0.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-actionpack61<6.1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-activestorage52<5.2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby{26,27,30,31}-activestorage60<6.0.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby{26,27,30,31}-activestorage61<6.1.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby30-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738 ruby31-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738 ruby26-base<2.6.10 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby27-base<2.7.6 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby30-base<3.0.4 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby31-base<3.1.2 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby{26,27,30,31}-jmespath<1.6.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32511 ruby{26,27,30,31}-mechanize<2.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31033 ruby{26,27,30,31}-nokogiri<1.13.6 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-29181 ruby{26,27,30,31}-octokit>=4.23.0<4.25.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2022-31072 ruby{26,27,30,31}-rails<1.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-32209 ruby{26,27,30,31}-sinatra<2.2.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-29970 salt<3004.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22967 slurm-wlm<20.11.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29500 slurm-wlm<20.11.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29501 slurm-wlm>=21<21.08.8.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29502 sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31001 sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31002 sofia-sip<1.13.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-31003 sox-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3643 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-31650 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31651 tcpreplay-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2022-28487 totd<1.5.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-34295 php{56,73,74,80,81}-typo3<7.6.57 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31046 php{56,73,74,80,81}-typo3<7.6.57 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31047 php{56,73,74,80,81}-typo3<8.7.47 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31048 php{56,73,74,80,81}-typo3<9.5.34 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-31049 php{56,73,74,80,81}-typo3<9.5.34 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31050 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30552 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30790 unicorn-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-29692 unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29693 unicorn<2.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-29694 unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29695 vault>=1.10.0<1.10.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30689 vim<8.2.4895 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1616 vim<8.2.4899 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1619 vim<8.2.4901 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1620 vim<8.2.4956 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1720 vim<8.2.4968 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1733 vim<8.2.4969 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1735 vim<8.2.4974 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1769 vim<8.2.4975 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1771 vim<8.2.4977 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1785 vim<8.2.4979 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1796 vim<8.2.5013 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1851 vim<8.2.5016 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1886 vim<8.2.5023 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1897 vim<8.2.5024 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1898 vim<8.2.5037 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1927 vim<8.2.5043 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1942 vim<8.2.5050 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1968 vim<8.2.5063 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2000 vim<8.2.5072 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2042 vim<8.2.5120 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2124 vim<8.2.5122 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2125 vim<8.2.5123 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2126 vim<8.2.5126 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2129 vim<8.2.5148 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2175 vim<8.2.5150 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2182 vim<8.2.5151 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2183 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364 xfce4-exo<4.16.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-32278 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30524 nodejs>=14<14.19.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=14<14.20.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=14<14.19.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223 nodejs>=16<16.16.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=16<16.16.0 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=16<16.16.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223 nodejs>=18<18.5.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=18<18.9.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=18<18.5.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=18<18.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-32222 vim<8.2.5160 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2206 vim<8.2.5164 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2210 vim<8.2.5163 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2208 vim<8.2.5162 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2207 vim<8.2.5169 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2231 vim<9.0.0009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2257 vim<9.0.0011 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2264 vim<9.0.0020 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2286 vim<9.0.0018 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2285 vim<9.0.0017 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2284 vim<9.0.0021 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2287 vim<9.0.0025 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2288 vim<9.0.0026 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2289 vim<9.0.0035 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2304 vim<9.0.0046 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2344 vim<9.0.0045 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2343 vim<9.0.0047 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2345 libredwg-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-33033 libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33027 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33026 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33032 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33028 libredwg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33024 libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33025 gpac<2.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40942 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40607 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40944 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40608 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40609 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40606 curl<7.84.0 insecure-temp-file https://nvd.nist.gov/vuln/detail/CVE-2022-32207 curl<7.84.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-32208 curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32206 curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32205 glpi<10.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31061 glpi<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31068 glpi<10.0.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31056 mediawiki<1.39.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34750 mediawiki<1.38.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34912 mediawiki<1.38.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34911 salt<3004.2. authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2282 jetty<9.4.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2048 jetty<9.4.47 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2022-2047 webmin<1.997 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2022-36446 webmin<1.995 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36880 vim<9.0.0060 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2522 vim<9.0.0100 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-2598 vim<9.0.0104 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2581 vim<9.0.0102 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2580 vim<9.0.0101 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2571 unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30699 unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30698 lrzip-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33451 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33453 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33468 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33465 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33466 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33459 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33456 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33467 yasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33464 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33462 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33463 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33461 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33460 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33458 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33457 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33454 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33455 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34835 u-boot<2022.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-33103 u-boot<2022.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33967 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33108 radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34520 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34502 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2454 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2453 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2549 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34032 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34031 njs<0.7.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-34029 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34030 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34028 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34027 nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33450 nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33452 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2122 gstreamer1<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1924 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1923 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1921 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1922 gstreamer1<1.20.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1920 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1925 opa<0.42.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33082 dovecot<2.3.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30550 caddy<2.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34037 autotrace-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-32323 picoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34556 qpdf<10.3.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34503 libxml2<2.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-3709 py{27,36,37,38,39,310}-lxml<4.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309 libxml2<2.10.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309 htmldoc<1.9.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34035 htmldoc<1.9.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34033 p5-HTTP-Daemon<6.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-31081 mplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32317 grub2<2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3697 grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3696 grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3695 vault<1.11.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-36129 wavpack-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2476 tor>=0.4.7<0.4.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33903 moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35650 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35653 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35652 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35651 moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35649 mbedtls<2.28.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-35409 gdk-pixbuf2<2.42.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46829 gradle<7.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31156 py{27,36,37,38,39,310}-ujson<5.4.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-31116 py{27,36,37,38,39,310}-ujson<5.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-31117 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2056 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2058 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2057 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34266 mysql-server>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server<5.7.39 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL matrix-synapse<1.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31052 ruby{26,27,30,31}-mysql<2.10.0 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2021-3779 php{56,73,74,80,81}-piwigo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40553 jpegoptim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32325 libreoffice<7.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26305 libreoffice<7.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26307 libreoffice<7.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26306 qemu<7.1.0 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2022-35414 grafana>=9.0.0<9.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097 grafana<8.5.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097 grafana>=9.0.0<9.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107 grafana<8.5.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107 gnutls<3.7.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2509 gsasl<2.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2469 py{36,37,38,39,310}-django>=3.2<3.2.14 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 py{36,37,38,39,310}-django>=4.0<4.0.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 php{56,74,80,81}-nextcloud<23.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31014 rt4-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-25803 rt4<4.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-25802 php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32297 ruby{26,27,30,31}-tzinfo<1.2.10 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-31163 py{27,36,37,38,39,310}-mistune<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34749 php>=8.1<8.1.8 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31627 SDL-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-34568 packagekit-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0987 squid4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46784 py{27,36,37,38,39,310}-sanic<22.6.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-35920 lua54<5.4.5 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33099 mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 gnupg2<2.2.36 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-34903 openssl<1.1.1q weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 rsync<3.2.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-29154 frr-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-37035 milkytracker-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34927 sqlite3<3.39.2 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35737 moodle<3.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1754 py{36,37,38,39,310}-django>=3.2<3.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 py{36,37,38,39,310}-django>=4.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31175 php{56,74,80,81}-nextcloud<22.2.7 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120 php{56,74,80,81}-nextcloud>=23.0<23.0.4 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120 php{56,74,80,81}-nextcloud<22.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 php{56,74,80,81}-nextcloud>=23.0<23.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 php{56,74,80,81}-nextcloud>=24.0<24.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 zlib-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37434 libmpeg2-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-37416 exim4<4.96 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-37451 exim4<4.95 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37452 openjdk7<1.7.344 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk8<1.8.334 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk11<1.11.0.15.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA libxslt<1.1.34nb10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30560 expat<2.4.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-40674 routinator<0.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3029 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38178 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38177 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3080 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2795 unbound<1.16.3 denial-of-service https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt redis>7<7.0.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35951 ruby25-* eol https://www.ruby-lang.org/en/downloads/branches/ ruby26-* eol https://www.ruby-lang.org/en/downloads/branches/ nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32255 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256 php>=7.4<7.4.32 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629 php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629 drupal<9.3.22 multiple-vulnerabilities https://www.drupal.org/sa-core-2022-016 sqlite3<3.39.4 integer-overflow https://sqlite.org/news.html#2022_09_29 go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879 go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879 isc-dhcpd<4.4.3p1 integer-overflow https://kb.isc.org/docs/cve-2022-2928 isc-dhcpd<4.4.3p1 memory-leak https://kb.isc.org/docs/cve-2022-2929 isc-dhcp4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcpd4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhclient4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcrelay4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xterm<375 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45063 postgresql10-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,36,37,38,39,310}-sip<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages emacs20-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs21-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs21-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs25-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs25-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs26-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs26-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs27-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs27-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs28<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs28-nox11<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 rust<1.66.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-46176 libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285 libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617 libXpm<3.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883 motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285 motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617 motif-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883 heimdal<7.8.0nb2 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-45142 py{36,37,38,39,310,311}-django>=3.2<3.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23969 py{36,37,38,39,310,311}-django>=3.2<3.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24580 gnutls<3.7.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0361 git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41903 git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23521 git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-22490 git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-23946 curl>=7.57.0<7.88.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23916 haproxy<2.7.3 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-25725 webkit-gtk<2.38.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-23529 vim<9.0.0224 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2874 vim<9.0.0211 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2819 vim<9.0.0213 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2817 vim<9.0.0212 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2816 vim<9.0.0218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2845 vim<9.0.0220 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2849 vim<9.0.0221 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2862 vim<9.0.0225 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2889 vim<9.0.0240 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2923 vim<9.0.0246 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2946 vim<9.0.0260 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2982 vim<9.0.0259 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2980 vim<9.0.0286 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3016 vim<9.0.0322 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3037 vim<9.0.0360 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3099 vim<9.0.0389 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3134 vim<9.0.0404 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3153 vim<9.0.0483 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3234 vim<9.0.0490 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3235 vim<9.0.0530 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3256 vim<9.0.0552 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3278 vim<9.0.0577 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3296 vim<9.0.0598 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3324 vim<9.0.0579 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3297 vim<8.2.4959 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1725 vim<9.0.0614 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3352 vim<9.0.0805 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3705 vim<9.0.0946 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4141 vim<9.0.0789 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3591 vim<9.0.0765 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3520 vim<9.0.0742 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3491 vim<9.0.0882 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4292 vim<9.0.0804 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-4293 vim<9.0.1144 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0051 vim<9.0.1143 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0049 vim<9.0.1145 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0054 vim<9.0.1189 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0288 vim>=8.1.2269<9.0.0339 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47024 vim<9.0.1225 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0433 vim<9.0.1247 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-0512 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44321 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44320 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44319 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44318 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44317 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44315 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44316 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44314 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44313 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44312 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39290 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39291 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39289 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39285 zoneminder<1.37.24 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2022-30769 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30768 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602 openimageio<2.5.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595 openimageio<2.5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354 openimageio<2.5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143 openimageio<2.4.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649 openimageio<2.5.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977 openimageio<2.5.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988 redis>=7<7.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35951 redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22458 redis>=6.0<6.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977 redis>=6.2<6.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/cve-2022-35977 redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41420 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46457 nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46456 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37049 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37048 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37047 binwalk<2.3.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-4287 binwalk>=2.2<2.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4510 upx<3.96 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2020-27790 upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27787 upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27788 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23457 upx-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23456 ampache<5.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0606 ampache<5.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0771 bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906 bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906 bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881 bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881 bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38238 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38237 xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38236 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38235 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38233 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38234 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38231 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-38230 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38229 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38228 xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38227 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38171 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24107 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24106 xpdf<4.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-36561 xpdf<4.04 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38334 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38928 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38222 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41842 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41844 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41843 xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40226 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43295 xpdf<4.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43071 xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36493 grafana<9.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35957 grafana<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36062 grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39201 grafana<9.1.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-39229 grafana<9.1.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31130 grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31123 grafana>=9.2.0<9.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39328 grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39307 grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39306 grafana<9.2.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39324 grafana<9.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23552 grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23498 libde265<1.0.10 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43253 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43252 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43250 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43249 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43248 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43245 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43244 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43243 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43242 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43241 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43240 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43238 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43237 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43239 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43236 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43235 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47655 heimdal<7.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41916 heimdal<7.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44640 heimdal<7.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44758 curl<7.85.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35252 curl>=7.77.0<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42916 curl>=7.77.0<7.86.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-42915 curl>=7.84.0<7.86.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35260 curl<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-32221 curl>=7.77.0<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43551 curl<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43552 freeradius-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-41860 freeradius-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41861 freeradius-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41859 freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39283 freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39282 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-41877 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39347 freerdp2<2.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-39320 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39319 freerdp2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39318 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39316 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39317 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25310 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25309 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25308 glpi>=0.65<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39376 glpi<10.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39375 glpi>=10.0.0<10.0.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39373 glpi>=0.70<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39372 glpi>=10.0.0<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39371 glpi<10.0.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39370 glpi<10.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39323 glpi>=0.60<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39277 glpi<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39262 glpi<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39276 glpi<10.0.4 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39234 glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35947 glpi<10.0.3 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31187 glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36112 glpi<10.0.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35946 glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31143 glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35945 glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39181 glpi<10.0.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23610 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22725 glpi<10.0.6 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22500 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22724 glpi<10.0.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22722 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41941 wordpress<6.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43500 wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43504 wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43497 wordpress-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3590 wordpress-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-22622 radare2<4.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-27794 radare2<4.4.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2020-27793 radare2<4.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27795 radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4398 radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4843 radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-0302 exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3559 exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3620 sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-33844 sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-23210 sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23172 sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23159 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2869 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2868 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2867 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2953 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521 tiff<4.5.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520 tiff<4.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1355 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1354 tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3599 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3598 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3627 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3626 tiff<4.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3570 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3970 tiff<4.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281 libraw<0.21.1 ut-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35533 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35531 libraw<0.21.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-35534 libraw<0.21.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35530 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35532 libredwg<0.12.4.4608 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-35164 libredwg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45332 blender<3.3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833 blender<3.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832 blender<3.3.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831 consul<1.11.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41803 consul<1.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-40716 consul<1.24.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-3920 rpm<4.17.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3521 rpm<4.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35938 rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35937 rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35939 typo3<8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3725 wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4345 wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4344 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0417 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0416 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0415 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0414 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0413 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0412 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0411 wolfssl<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34293 wolfssl>=5.3.0<5.5.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-38153 wolfssl<5.5.0 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-38152 wolfssl<5.1.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44718 wolfssl<5.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39173 wolfssl<5.5.0 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2022-42961 wolfssl<5.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-42905 wkhtmltopdf<0.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-21365 wkhtmltopdf-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35583 moodle<3.8.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-1756 moodle<3.8.2 url-spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-1755 moodle<3.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14322 moodle<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14321 moodle<3.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14320 moodle<4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36568 moodle<3.11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40695 moodle<3.11.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40694 moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40693 moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40692 moodle<3.11.3 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-40691 moodle<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-40315 moodle<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-40316 moodle<4.0.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40314 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40313 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45151 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45150 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45149 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45152 py{36,37,38,39,310,311}-octoprint<1.8.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-2930 py{36,37,38,39,310,311}-octoprint<1.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3068 py{36,37,38,39,310,311}-octoprint<1.8.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2888 py{36,37,38,39,310,311}-octoprint<1.8.3 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-2872 py{36,37,38,39,310,311}-octoprint<1.8.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3607 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43967 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43692 php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43691 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43968 php{56,73,74,80,81}-concrete5<8.5.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43695 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43694 php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43690 php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43689 php{56,73,74,80,81}-concrete5<8.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43686 php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43687 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43556 lighttpd<1.4.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37797 lighttpd>=1.4.56<1.4.67 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41556 varnish<7.1.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-38150 varnish<7.2.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-45059 mediawiki<1.38.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39194 mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28203 mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28204 mediawiki<1.37.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-28201 mediawiki<1.38.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42049 mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44855 mediawiki<1.37.1 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-44854 mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41767 mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41765 mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44856 mediawiki<1.38.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22911 mediawiki<1.39.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22909 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22945 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-47927 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22912 mediawiki<1.39.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22910 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39193 mbedtls<2.28.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393 mbedtls>=3<3.3.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393 mbedtls<2.28.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392 mbedtls>=3<3.3.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392 mbedtls<2.16.11 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 mbedtls>=2.17<2.27 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 mbedtls>=2.28.0<3.0.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 gitea<1.16.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-38183 gitea<1.17.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42968 squid<5.7 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-41318 squid>=4.9<4.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317 squid>=5.0.6<5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0804 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0803 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0802 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0801 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0800 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0799 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0798 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0797 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0796 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0795 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45587 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45586 py{36,37,38,39,310,311}-werkzeug<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25577 py{36,37,38,39,310,311}-werkzeug<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-23934 php{56,73,74,80,81}-nextcloud<24.0.8 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-25162 php{56,73,74,80,81}-nextcloud<25.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25161 py{27,36,37,38,39,310,311}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48110 postgresql-timescaledb<2.9.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25149 cmark-gfm<0.29.0.gfm.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39209 cmark-gfm<0.29.0.gfm.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22485 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22484 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22483 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22486 ap-modsecurity2<2.9.7 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24021 ap-modsecurity2<2.9.6 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48279 apache>=2.4.0<2.4.55 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-36760 apache<2.4.55 remote-memory-read https://nvd.nist.gov/vuln/detail/CVE-2006-20001 apache<2.4.55 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-37436 nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41742 nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41741 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-40626 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43515 xfig<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40241 webmin<2.003 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-3844 wayland<1.20.91 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3782 w3m<0.5.3.0.20230121 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38223 viewvc<1.1.29 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456 viewvc>=1.2.0<1.2.2 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456 viewvc<1.1.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464 viewvc>=1.2.0<1.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464 jasper<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40755 net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44793 net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44792 pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39831 pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39832 samba<4.14.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670 samba>=4.15<4.15.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670 samba<4.15.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20316 samba>=4.13.14<4.14.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.15.2<4.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.16.0<4.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.3.0<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba<4.14.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba>=4.15.0<4.15.9 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba>=4.16.0<4.16.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.0.0<4.13.17 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba>=4.14.0<4.14.12 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba>=4.15.0<4.15.4 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba<4.17.1 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-32743 samba<4.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-1615 samba>=4.0.0<4.15.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.16.0<4.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.17.0<4.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.17.0<4.17.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2022-3592 samba-[0-9]* sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 ffmpeg5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3965 ffmpeg4-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3964 ffmpeg3-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3109 ffmpeg5<5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3341 ffmpeg5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2566 sqlite3<3.40.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46908 sqlite3<3.32.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35527 sqlite3<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35525 powerdns-recursor>=4.5.0<4.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.6.0<4.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.7.0<4.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.8.0<4.8.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2023-22617 open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1143 open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1142 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 apr<1.7.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-24963 apr-util<1.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25147 p5-libapreq2<2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22728 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0819 gpac-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2023-0818 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0817 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0841 php>=8.0<8.0.28 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.1<8.1.16 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.2<8.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.0<8.0.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 php>=8.1<8.1.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 php>=8.2<8.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 apache-tomcat>=8.5.0<8.5.78 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980 apache-tomcat>=9<9.0.61 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980 apache-tomcat>=8.5.0<8.5.83 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252 apache-tomcat>=9.0.0<9.0.68 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252 apache-tomcat>=9.0.40<9.0.69 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45143 hdf5-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26061 hdf5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25972 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-25942 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-37501 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-36190 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36186 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38530 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3178 gpac<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3222 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43045 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43044 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43043 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43042 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43039 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43040 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43255 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43254 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3957 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-45204 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45202 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45343 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4202 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45283 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47663 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47662 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47661 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47659 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47658 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47657 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47660 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47656 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47654 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47653 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47095 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47094 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-47093 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47092 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47091 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47089 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47088 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47087 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47086 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46490 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46489 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0358 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-23145 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23144 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23143 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0760 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0770 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33235 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33236 htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0137 go117<1.17.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189 go118<1.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189 go117<1.17.12 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148 go118<1.18.4 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631 go117<1.17.11 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629 go118<1.18.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629 go117<1.17.11 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580 go118<1.18.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962 go117<1.17.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705 go118<1.18.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705 go118<1.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664 go119<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664 go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715 go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715 go118<1.18.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880 go119<1.19.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880 go118<1.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717 go119<1.19.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717 go119<1.19.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-32190 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-37183 py{36,37,38,39,310,311}-django>=3.2<3.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{36,37,38,39,310,311}-django>=4.0<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{36,37,38,39,310,311}-django>=4.1<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{27,36,37,38,39,310,311}-django-photologue<3.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4526 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0866 thunderbird<91.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43529 jhead-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41751 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34055 rust<1.65.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36113 rust<1.65.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36114 ruby{26,27,30,31}-activerecord60<6.0.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord61<6.1.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord70<7.0.3.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord60<6.0.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord61<6.1.7.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord70<7.0.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord61<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566 ruby{26,27,30,31}-activerecord70<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566 exctags-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4515 expat<2.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43680 openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20304 openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20298 php{56,73,74,80,81}-nextcloud<22.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud>=23<23.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud>=24<24.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud<22.2.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud>=23<23.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud>=24<24.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329 php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329 php{56,73,74,80,81}-nextcloud<22.2.10.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud>=23<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud>=23<23.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud>=24<24.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=23<23.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=24<24.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970 php{56,73,74,80,81}-nextcloud>=23<23.0.10 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968 php{56,73,74,80,81}-nextcloud>=24<24.0.5 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968 php{56,73,74,80,81}-nextcloud>=23<23.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969 php{56,73,74,80,81}-nextcloud>=24<24.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969 php{56,73,74,80,81}-nextcloud>=24<24.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159 firefox<96 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-01/ firefox91<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-02/ thunderbird<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-03/ firefox<97 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-04/ firefox91<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-05/ thunderbird<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-06/ thunderbird<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-07/ firefox<97.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/ firefox91<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/ firefox<98 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-10/ firefox91<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-11/ thunderbird<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-12/ firefox<99 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-13/ firefox91<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-14/ thunderbird<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-15/ firefox<100 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-16/ firefox91<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-17/ thunderbird<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-18/ firefox<100.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ firefox91<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ thunderbird<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ firefox<101 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-20/ firefox91<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-21/ thunderbird<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-22/ firefox<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-24/ firefox91<91.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-25/ thunderbird<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-26/ firefox<103 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-28/ firefox91<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-29/ firefox102<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-30/ thunderbird<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-31/ thunderbird<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-32/ firefox<104 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-33/ thunderbird<102.2.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-38/ thunderbird<91.13.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-39/ firefox<105 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-40/ firefox102<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-41/ thunderbird<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-42/ firefox<107 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-47/ firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-48/ firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-49/ xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42324 xentools411-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322 xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319 xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320 xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312 xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310 xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311 xentools413-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309 xentools415-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309 sudo>=1.8.0<1.9.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-43995 sudo>=1.8.0<1.9.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-22809 syslog-ng<3.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38725 dompdf<2.0.1 arbitrary-file-access https://nvd.nist.gov/vuln/detail/CVE-2022-41343 mpd<0.23.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46449 tinyproxy<1.11.1nb3 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-40468 syft<0.70.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24827 sslh-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-4639 sofia-sip<1.13.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-22741 sleuthkit-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45639 firefox<79 timing https://nvd.nist.gov/vuln/detail/CVE-2020-12413 python37<3.7.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python38<3.8.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python39<3.9.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python310<3.10.12 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python311<3.11.4 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20803 mpv<0.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19824 libraw<0.21.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32142 py{27,36,37,38,39,310,311}-joblib<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21797 glib2<2.63.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3800 libarchive<3.5.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-31566 libarchive<3.5.2 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-23177 libarchive>=3.0.0<3.6.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36227 libdwarf<0.4.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-39170 libetpan-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4121 libgit2<1.4.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-22742 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3826 libjpeg-turbo<2.0.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35538 libksba<1.6.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47629 libksba<1.6.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3515 libtasn1<4.19.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2021-46848 libvirt<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3975 libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40303 libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40304 py{27,36,37,38,39,310,311}-oauthlib>=3.1.1<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36087 shapelib-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-0699 py{27,36,37,38,39,310,311}-Pillow<9.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45199 py{27,36,37,38,39,310,311}-Pillow<9.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45198 py{27,36,37,38,39,310,311}-certifi>=2017.11.05<2022.12.07 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23491 py{27,36,37,38,39,310,311}-cleo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42966 py{27,36,37,38,39,310,311}-cryptography>=1.8<39.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23931 py{27,36,37,38,39,310,311}-gitpython<3.1.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24439 py{27,36,37,38,39,310,311}-ipython<8.10.0 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-24816 py{27,36,37,38,39,310,311}-jupyter_core<4.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-39286 py{27,36,37,38,39,310,311}-jwt<3.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39227 py{27,36,37,38,39,310,311}-mako<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40023 py{27,36,37,38,39,310,311}-mechanize<0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32837 py{27,36,37,38,39,310,311}-mod_wsgi<4.9.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2255 py{27,36,37,38,39,310,311}-poetry<1.1.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36069 py{27,36,37,38,39,310,311}-py<1.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42969 py{27,36,37,38,39,310,311}-setuptools<65.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40897 py{27,36,37,38,39,310,311}-twisted>=0.9.4<22.10.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39348 py{27,36,37,38,39,310,311}-wheel<0.38.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-40898 xfce4-settings<4.16.4 missing-argument-check https://nvd.nist.gov/vuln/detail/CVE-2022-45062 vtk<9.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-42521 vlc<3.0.18 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41325 unzip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4217 editorconfig-core<0.12.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-0341 tor<0.4.7.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23589 u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2347 totd-[0-9]* dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-34294 scala>=2.13<2.13.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-36944 allegro<5.2.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36489 ruby{26,27,30,31}-activesupport<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796 ruby{26,27,30,31}-activesupport>=7.0.0<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796 ruby{26,27,30,31}-globalid>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22799 ruby{26,27,30,31}-loofah>=2.2.0<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23516 ruby{26,27,30,31}-loofah>=2.1.0<2.19.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23515 ruby{26,27,30,31}-loofah<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23514 ruby-nokogiri>=1.13.8<1.13.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-23476 ruby{26,27,30,31}-rack>=1.2<2.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack<2.0.9.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.2.0<2.2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.0.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=3.0.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=1.5.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=3.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rails>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22797 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23519 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23520 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23518 ruby{26,27,30,31}-redmine>=5<5.0.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-44030 ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637 ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637 ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031 ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031 ruby{26,27,30,31}-sanitize>=5<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23627 ruby{26,27,30,31}-sinatra>=2.0.0<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442 ruby{26,27,30,31}-sinatra>=3.0.0<3.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442 rxvt-unicode<9.29 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4170 rtf2html-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43148 rabbitmq<3.8.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 rabbitmq>=3.9.0<3.9.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 rabbitmq>=3.10.0<3.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 qt5-qtbase-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3481 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14394 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0216 qemu-[0-9]* insecure-lock-files https://nvd.nist.gov/vuln/detail/CVE-2021-3735 qemu<6.2.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-0358 qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0148 qemu<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0147 qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0144 qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3165 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3872 qemu<7.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4172 qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4144 #png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214 # test program only, not installed pngcheck<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35511 py{27,36,37,38,39,310,311}-matrix-nio<0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39254 py{27,36,37,38,39,310,311}-octoprint<1.9.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2822 python36<3.6.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python37<3.7.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python38<3.8.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python37<3.7.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python38<3.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python39<3.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python310<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python37<3.7.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python38<3.8.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python39<3.9.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python310<3.10.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python37<3.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python38<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python39<3.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python310<3.10.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python311<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python37<3.7.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python38<3.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python39<3.9.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python310<3.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 protobuf>=3.19.0<3.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 protobuf>=3.20.0<3.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 protobuf>=3.21.0<3.21.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 podman<4.4.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-2989 poppler<22.08.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38784 php{56,73,74,80,81}-gd>=7.4.0<7.4.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{56,73,74,80,81}-gd>=8.0.0<8.0.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{56,73,74,80,81}-gd>=8.1.0<8.1.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{73,74,80,81}-phpmyadmin>=5<5.2.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-22452 phppgadmin<6.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4223 php{56,73,74,80,81}-phpmyadmin<4.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727 php{73,74,80,81}-phpmyadmin>=5<5.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727 phppgadmin>=4<6.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22298 phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40704 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865 mencoder<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855 mplayer<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851 mencoder<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851 mplayer<15.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-38600 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862 mplayer<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861 mencoder<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38860 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38850 matrix-synapse<1.62.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31152 matrix-synapse<1.52.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41952 pkgconf<1.9.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-24056 pixman<0.42.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-44638 pgpool-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22332 openscad<2022-01-09 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0497 openscad<2022-02-04 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-0496 opusfile<0.12nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47021 openssh<9.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-25136 p5-HTML-StripScripts-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24038 patchelf<0.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-44940 opa>=0.40.0<0.43.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-36085 nautilus<2.26.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-37290 nostromo<2.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48253 netatalk<3.1.14 remote-root-access https://nvd.nist.gov/vuln/detail/CVE-2022-45188 njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-35173 njs<0.7.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38890 njs<0.7.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43286 njs<0.7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43285 njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43284 nim<1.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46872 nss<3.79.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3479 mujs>=1.0.0<1.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44789 mupdf<1.21 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-4216 openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0286 openssl<1.1.1t use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0215 openssl<1.1.1t timing-attack https://nvd.nist.gov/vuln/detail/CVE-2022-4304 openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4450 man2html-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-40648 man2html-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-40647 bash<5.1.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3715 minetest-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35978 less>=566<609 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46663 grub2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2601 grub2-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3775 memcached<1.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37519 leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38266 lepton-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-4104 binutils<2.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38533 binutils<2.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4285 awstats>=7<7.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46391 assimp<5.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748 knot<5.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40188 freeciv>=2.6.7<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39047 modular-xorg-server<21.1.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2319 modular-xorg-server<21.1.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-2320 modular-xorg-server<21.1.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3551 modular-xorg-server<21.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3550 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46342 modular-xorg-server<1.20.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-46344 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46343 modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46341 modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46340 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4283 git-base<2.38.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39260 git-base<2.38.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39253 mysql-server<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-cluster<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-server<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-server>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0616 thunderbird<102.8.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-25728 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25730 thunderbird<102.8.0 arbitrary-memory-write https://nvd.nist.gov/vuln/detail/CVE-2023-0767 thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25735 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25737 thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25738 thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25739 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25729 thunderbird<102.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25732 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25734 thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25742 thunderbird<102.8.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-25746 thunderbird<102.7.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-0430 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46871 thunderbird<102.7.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2023-23598 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23599 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23601 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23602 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46877 thunderbird<102.7.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23603 thunderbird<102.7.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-23605 clamav<0.103.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20792 ImageMagick<7.1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2719 ghostscript-agpl<9.51 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27792 ap{22,24}-auth-mellon<0.18.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-3639 gnutls<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4209 colord<1.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42523 anjuta-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42522 ImageMagick6<6.9.12.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115 ImageMagick<7.1.0-29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115 dnsmasq-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0934 ImageMagick<7.1.0.20 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0284 inetutils<2.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-39028 gzip<1.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-1271 influxdb<1.8.10 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36640 confuse-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-40320 frr<8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37032 nodejs>=14<14.21.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs>=16<16.18.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs>=18<18.12.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs<16.17.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256 nodejs<16.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255 nodejs>=18<18.9.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255 SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4558 SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4556 dropbear<2022.82 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36369 dynamips-[0-9]* uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-47012 gajim<1.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-39835 harfbuzz<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25193 hs-aeson<2.0.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3433 hyperscan<5.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29486 jasper<4.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-2963 jenkins<2.370 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41224 kitty<0.26.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41322 cacti<1.2.23 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46169 caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-28923 chicken>=5.0.0<5.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45145 erlang<23.3.4.15 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 erlang>=24<24.3.4.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 erlang>=25<25.0.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 fcitx5<5.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37311 botan2<2.19.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43705 fuse-ntfs-3g<2022.10.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40284 gtar-base<1.34nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-48303 bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488 bind>=9.16<9.16.36 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488 bind>=9.16<9.16.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 bind>=9.18<9.18.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 bind>=9.19<9.19.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 libreoffice>=7.3<7.3.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140 libreoffice>=7.4<7.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140 mariadb-server>=10.3<10.3.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.4<10.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.5<10.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.6<10.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.7<10.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.8<10.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.11<10.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.6<10.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.5<10.5.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.4<10.4.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mit-krb5>=1.8<1.19.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42898 modular-xorg-xquartz-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3553 ImageMagick<7.0.10.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224 ImageMagick6<6.9.11.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224 ImageMagick<7.0.11.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574 ImageMagick6<6.9.12.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574 ImageMagick<7.1.0.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213 ImageMagick6<6.9.12.62 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213 ImageMagick<7.1.0.62 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 ImageMagick6<6.9.12.76 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 ImageMagick<7.1.0.52 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268 ImageMagick6<6.9.12.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268 SDL2>=2.0.4<2.26.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4743 alpine<2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46853 amanda-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-37703 GraphicsMagick<1.3.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1270 ap{22,24}-auth-openidc<2.4.12.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-23527 postgresql-server>=10<10.22 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=11<11.17 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=12<12.12 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=13<13.8 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=14<14.5 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=10<10.21 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=11<11.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=12<12.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=13<13.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=14<14.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 asterisk>=16<16.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=17<17.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=18<18.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=16<16.16.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=17<18.15.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=19<19.7.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=16<16.29.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=18.14<18.15.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=19.6<19.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=16<16.29.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=18<18.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=19<19.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 salt-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33226 xdg-utils-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4055 mysql-client>=8<8.0.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL openjdk8<1.8.346 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk11<1.11.0.16.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk17<1.17.0.4.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk8<1.8.352 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA openjdk11<1.11.0.18 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA openjdk11<1.17.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA nethack>=3.6.2<3.6.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-24809 moodle<4.1.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-23923 moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23922 moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23921 samba>=4.3<4.14.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 samba>=4.15<4.15.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 samba>=4.16<4.16.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33745 xenkernel413-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748 xenkernel415-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746 epiphany-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26081 afl++-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26266 glusterfs-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26253 knot<5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26249 jd-gui-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-26235 jd-gui-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-26234 glusterfs-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48340 emacs<29.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48339 emacs<29.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48338 emacs<29.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-48337 zoneminder<1.36.33 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26039 zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26038 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26037 zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26036 zoneminder<1.36.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26035 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26034 zoneminder<1.36.33 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25825 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26032 curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23915 curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23914 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33367 mantis<2.25.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22476 libheif<1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0996 php{56,73,74,80,81}-nextcloud>=23<23.0.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=24<24.0.8 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=25<25.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821 php{56,73,74,80,81}-nextcloud>=25<25.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25816 nodejs<14.21.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=16<16.19.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=18<18.14.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=19<19.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs<14.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=16<16.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=18<18.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=19<19.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs<14.21.3 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=16<16.19.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=18<18.14.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=19<19.6.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-27522 apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-25690 yubico-c-client-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages curl>=7.7<8.00 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27533 curl>=7.18<8.00 improper-path-limitation https://nvd.nist.gov/vuln/detail/CVE-2023-27534 curl>=7.13<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27535 curl>=7.22<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27536 curl>=7.88<8.00 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27537 curl>=7.16.1<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27538 redis>=7.0.8<7.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28425 openssl<1.1.1tnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0464 modular-xorg-server<21.1.7nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-1393 irssi<1.4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-29132 pcre-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ghostscript-gpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879 ghostscript-agpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879 git-base<2.40.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25652 git-base<2.40.1 arbitrary-messages https://nvd.nist.gov/vuln/detail/CVE-2023-25815 git-base<2.40.1 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-29007 perl<5.38.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31484 p5-GitLab-API-v4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31485 perl<5.38.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31486 py{36,37,38,39,310,311}-django>=3.2<3.2.19 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{36,37,38,39,310,311}-django>=4.1<4.1.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{36,37,38,39,310,311}-django>=4.2<4.2.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 libssh<0.105 debial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1667 libssh<0.105 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-2283 curl>=7.81.0<8.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-28319 curl>=7.9.8<8.1.0 improper-synchronization https://nvd.nist.gov/vuln/detail/CVE-2023-28320 curl>=7.12.0<8.1.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-28321 curl>=7.7<8.1.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-28322 cups-filters<1.28.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-24805 libcares<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32067 libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31124 libcares<1.19.1 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-31130 libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31147 luatex<1.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32700 openssl<1.1.1u denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2650 webkit-gtk<2.40.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28204 webkit-gtk<2.40.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32373 cups-base<2.4.2nb9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32324 libde265<1.0.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-27102 libde265<1.0.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-27103 libX11<1.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3138 libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1017 libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1018 cups-base<2.4.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-34241 webkit-gtk<2.38.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48503 webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32435 webkit-gtk<2.40.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32439 ruby27-* eol https://www.ruby-lang.org/en/downloads/branches/ ruby{26,27,30,31}-actionpack52<5.2.8.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack60<6.0.6.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack61<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack70<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362 ruby30-base<3.0.6nb1 denial-of-service https://cve.report/CVE-2023-36617 ruby31-base<3.1.4nb1 denial-of-service https://cve.report/CVE-2023-36617 ruby32-base<3.2.2nb2 denial-of-service https://cve.report/CVE-2023-36617 python36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python37-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38,39,310,311}-django>=3.2<3.2.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{37,38,39,310,311}-django>=4.1<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{37,38,39,310,311}-django>=4.2<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{27,34,35,36,37,38,39,310,311}-django<3.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{26,27,30,31}-sanitize<6.0.2 cross-site-scripting https://cve.report/CVE-2023-36823 acmesh<3.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38198 openssh<9.3p2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38408 samba<4.18.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2127 samba<4.18.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2023-3347 samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34966 samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34967 samba<4.18.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34968 samba<4 eol https://wiki.samba.org/index.php/Samba_Release_Planning webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37450 webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32393 librsvg<2.46.6 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633 librsvg<2.56.3 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633 webkit-gtk<2.40.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-38133 webkit-gtk<2.40.5 same-origin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-38572 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38592 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38594 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38595 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38597 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38599 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38600 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38611 rust<1.71.1 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-38497 py{27,37,38,39,310,311}-borgbackup<1.2.5 archive-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-36811 ruby{30,31,32}-rails<6.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38,39,310,311}-django>=3.2<3.2.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{37,38,39,310,311}-django>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{37,38,39,310,311}-django>=4.2<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 curl>=7.84.0<8.3.0 allocation-of-resources-without-limits-or-throttling https://nvd.nist.gov/vuln/detail/CVE-2023-38039 webkit-gtk<2.40.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28198 webkit-gtk<2.40.1 content-security-policiy-escape https://nvd.nist.gov/vuln/detail/CVE-2023-32370 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40397 libwebp<1.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4863 bind>=9.2<9.16.43 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.19<9.19.16 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-4236 cups-base<2.4.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-4504 zbar<0.23.93 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40890 zbar<0.23.93 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40889 zola<0.18.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-40274 zstd<1.5.4 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-4899 z3<4.8.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-19725 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29581 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29580 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29582 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29583 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29579 yasm-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30402 yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-31975 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31974 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31973 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31972 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31724 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31725 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31723 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37732 yt-dlp>=2015.01.25<2023.07.06 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2023-35934 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38310 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38308 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38306 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38305 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38311 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38309 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38307 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38304 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38303 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-41155 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40986 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40985 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40984 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40983 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40982 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-43309 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43316 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43317 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43314 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43315 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43311 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43313 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43312 upx<4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46179 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23125 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23124 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23123 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23122 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23121 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-0194 netatalk3<3.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43634 cacti<1.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37543 cacti<1.2.19 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48547 cacti<1.2.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48538 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41444 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39515 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39514 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39513 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39516 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39512 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39510 cacti>=1.2.0<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39366 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39365 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39364 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39362 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39361 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39360 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39359 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39358 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39357 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-31132 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-30534 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39511 radare2<5.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27114 radare2<5.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1605 radare2<5.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-32495 radare2<5.3.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-32494 radare2<5.9.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4322 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28073 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28072 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28071 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28070 radare2<5.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28069 radare2<5.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28068 vault<1.10.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24999 vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25000 vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0665 vault<1.11.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0620 vault<1.11.11 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2023-2121 vault<1.13.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-3462 vault<1.12.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4680 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38854 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38856 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38853 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38852 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38851 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38855 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27789 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27788 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27787 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27786 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27785 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27784 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27783 salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898 salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897 salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898 salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897 sudo>=1.9.8<1.9.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27320 sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28487 sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28486 jetty<9.4.51 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26049 jetty<9.4.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26048 jetty>=9.0.0<9.4.52 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-40167 jetty>=9.4.21<9.4.52 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41900 sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34318 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-32627 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-26590 sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34432 libredwg<0.12.5.5016 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25222 libredwg<0.12.5.5256 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-36274 libredwg<0.12.5.5256 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36273 libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36272 libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36271 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2241 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31568 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31567 podofo<0.10.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31566 podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31555 podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31556 openimageio<2.4.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24472 openimageio<2.4.8.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24473 openimageio<2.4.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22845 openimageio<2.4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36183 ntp<4.2.8p17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26554 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26555 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26553 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26552 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26551 ntpsec<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4012 webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39928 webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35074 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39434 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40451 webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41074 webkit-gtk<2.42.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41993 libvpx<1.13.0nb1 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-5217 exim<4.96.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42114 exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115 exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116 exim<4.96.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117 libspf2<1.2.11nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118 exim<4.96.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 libX11<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43785 libX11<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43786 libX11<1.8.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43787 libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43788 libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43789 py{37,38,39,310,311}-django>=3.2<3.2.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{37,38,39,310,311}-django>=4.1<4.1.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{37,38,39,310,311}-django>=4.2<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4692 grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4693 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43621 croc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43620 croc-[0-9]* remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43619 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43618 croc-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-43616 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43617 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44232 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31976 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30085 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30084 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-30083 ming-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31240 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36239 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40781 amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37705 amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37704 lldpd<1.0.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-43612 lldpd<1.0.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-41910 zabbix<4.0.47 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-29456 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29457 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29455 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29454 freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40266 freeimage<1.18.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40265 freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40264 freeimage<1.18.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40262 freeimage-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40263 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24295 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24293 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24294 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24292 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22524 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21428 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21426 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21427 wireshark<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1161 wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1992 wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1994 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2879 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2858 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2857 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2856 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2855 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2854 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2952 wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0667 wireshark>=4<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0666 wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0668 wireshark<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3649 wireshark<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3648 wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4513 wireshark<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4512 wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4511 wireshark<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5371 w3m<0.5.3.0.20230121nb4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252 w3m-img<0.5.3.0.20230121nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252 w3m<0.5.3.0.20230121nb4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253 w3m-img<0.5.3.0.20230121nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253 vsftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30047 vorbis-tools-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43361 matrix-synapse<1.74.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32323 matrix-synapse>=1.62.0<1.68.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39374 matrix-synapse<1.69.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39335 matrix-synapse<1.85.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32682 matrix-synapse<1.85.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32683 matrix-synapse>=1.66.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41335 matrix-synapse>=1.34.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-42453 freerdp2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40589 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40569 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-40188 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40567 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40186 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40181 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39356 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39354 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39353 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39352 freerdp2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39350 freerdp2<2.11.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-39351 gnupg2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3219 libmicrohttpd<0.9.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27371 libde265<1.0.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25221 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24758 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24757 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24756 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24754 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24755 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24752 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24751 nasm<2.16 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44370 nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44369 nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44368 nasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31722 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38668 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38667 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38665 nasm<2.15.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29654 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21687 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21686 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21685 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21528 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18780 puppet<7.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1894 openssh>=8.9<9.3 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-28531 wolfssl<5.6.2 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3724 catdoc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31979 catdoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41633 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37787 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37786 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38469 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38470 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38471 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38472 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38473 libxml2<2.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-45322 libcue<2.2.1nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-43641 mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4874 mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4875 djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46312 djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46310 grpc<1.53.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32732 grpc>=1.53.0<1.55.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-32731 grpc>=1.51.0<1.53.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-1428 grpc<1.55.3 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-4785 podman-[0-9]* unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2023-0778 opensc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2977 opensc<0.23.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34193 jhead<3.08 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-28550 jhead<3.04 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28840 monit<5.31.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-26563 tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-4645 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-1916 vim<9.0.1367 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-1127 vim<9.0.1376 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1170 vim<9.0.1378 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1175 vim<9.0.1392 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1264 vim<9.0.1402 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1355 vim<9.0.1499 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2426 vim<9.0.1531 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2609 vim<9.0.1532 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2610 optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43907 #png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857 # false positive jpegoptim<1.5.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-27781 phppgadmin<7.14.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40619 phppgadmin<7.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-5002 phppgadmin<6.19 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-0241 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25363 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25362 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25361 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25360 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25358 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47664 libcares<1.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4904 webkit-gtk<2.26.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2019-8720 qemu>=7.2.0<7.2.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0330 emacs>=28.1<28.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27986 emacs>=28.1<28.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27985 consul<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0845 liferea<1.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-1350 opendoas-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-28339 stellarium<23.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-28371 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28450 pandoc>=1.13<3.1.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-35936 pandoc<3.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-38745 exempi<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18652 exempi<2.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18651 cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24824 cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26485 cmark-gfm<0.29.0.gfm.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37463 syncthing<1.23.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46165 memcached<1.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48571 memcached>=1.6.0<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22570 mbedtls<2.28.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43615 libheif<1.15.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-29659 grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0594 grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0507 redis<7.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36021 gradle>=6.2<6.9.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26053 redis<7.0.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-25155 grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22462 libde265<1.0.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47665 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36398 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36397 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36396 moodle<3.11.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36393 moodle<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36395 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36403 samba4<4.17.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20251 pev-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45423 vim<9.0.1969 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-5344 mosquitto<2.0.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3592 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-5377 tiff<4.5.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3576 ImageMagick<7.1.1.19 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3428 gradle<7.6.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2023-44387 webkit-gtk<2.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-39928 gifsicle-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44821 libcue<2.2.1nb1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43641 py{27,37,38,39,310,311,312}-urllib3<2.0.6 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2023-43804 tnftpd<20231001 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45198 tiff<4.6.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-41175 tiff<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-40745 vim<9.0.1992 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-5441 go120<1.20.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39323 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44766 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44765 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44762 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44761 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44764 gradle<7.6.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2023-42445 py{27,37,38,39,310,311,312}-octoprint<1.9.3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41047 php{56,73,74,80,81,82}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44393 asn1c-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23910 asn1c-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23911 yajl-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33460 zziplib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18770 xterm<380 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40359 vim<9.0.1847 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-4735 vim<9.0.1846 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4734 vim<9.0.1833 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4736 vim<9.0.1848 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4738 vim<9.0.1331 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4751 vim<9.0.1858 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4752 vim<9.0.1840 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4733 vim<9.0.1857 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4750 vim<9.0.1873 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4781 tightvnc<2.8.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-27830 unrar<6.2.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48579 haproxy<2.7.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-0836 haproxy<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25950 haproxy<2.8.2 request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-40225 py{27,37,38,39,310,311,312}-MechanicalSoup<1.3.0 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-34457 p7zip-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47069 p7zip-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1576 wordpress<6.1.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-2745 webkit-gtk-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-2203 vault>=0.10.0<1.13.0 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-5077 vim<8.1.2136 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-20703 vim<9.0.1664 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3896 vim<8.2.2354 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3236 poppler<23.06.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34872 poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36024 poppler<21.01.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-36023 poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38349 poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37052 poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37050 poppler<0.76.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18839 poppler<20.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23804 protobuf-c<1.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48468 advancecomp<2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2961 opendkim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-48521 grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28736 grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28735 grub2>=2.00<2.06.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28733 grub2>=2.00<2.06.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-28734 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1451 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1450 mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29584 mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29578 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33720 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33718 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33716 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33719 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33717 njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19695 njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19692 njs<0.7.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27730 njs<0.7.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-27729 njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27728 njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27727 nats-server>=2.2.0<2.8.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-28357 qpdf<10.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25786 gawk<5.1.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-4156 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2731 tiff<4.5.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965 tiff>=3.9.0<4.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3316 tiff<4.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3618 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40090 consul>=1.15.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-2816 consul>=1.13.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-1297 consul<1.16.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3518 faad2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858 faad2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857 bitcoin<24.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-33297 bitcoin-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-37192 gnuplot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25969 screen<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24626 terraform>=1.0.8<1.5.7 overwrite-arbitrary-files https://nvd.nist.gov/vuln/detail/CVE-2023-4782 sniproxy<0.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25076 spice-server-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-23793 routinator<0.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39915 routinator>=0.9.0<0.12.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-39916 sofia-sip<1.13.15 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32307 xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26930 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2664 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2663 xpdf<4.05 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-2662 xpdf<4.05 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3044 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3436 xpdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-48545 tcpdump-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1801 quickjs-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31922 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43358 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43357 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-26592 nuclei<2.9.9 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2023-37896 powerdns-recursor<4.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26437 go117-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go118-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go119-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go120-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go121<1.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 nghttp2<1.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat>=9<9.0.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat>=8<8.5.94 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat<8.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36440 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40302 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43681 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40318 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31490 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31489 frr<8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3748 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41361 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41360 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41358 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41359 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38802 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41909 mupdf<1.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26683 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21896 binutils<2.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48065 binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48064 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47696 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47695 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47673 binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48063 binutils<2.40 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44840 binutils<2.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46174 binutils<2.34 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35342 binutils<2.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21490 binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19724 libdwarf<0.3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27545 libdwarf<0.3.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-28163 kilo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20335 h2o-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-30847 atasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34123 KeePass>=2.00<2.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-32784 curl>=7.69.0<8.4.0 heap-based-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38545 curl>=7.9.1<8.4.0 external-control-of-file-name-or-path https://nvd.nist.gov/vuln/detail/CVE-2023-38546 samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba4>=4.17<4.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 samba4>=4.18<4.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 hs-http2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 varnish-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache<2.4.58 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-31122 apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43622 apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45802 minizip<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-45853 py{27,37,38,39,310,311,312}-configobj<5.0.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26112 modular-xorg-server<21.1.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-5367 modular-xorg-server<21.1.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5380 modular-xorg-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5574 py{27,38,39,310,311,312}-pip<23.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-5752 php{56,73,74,80,81,82}-roundcube<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-5631 exiv2>=0.28<0.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-44398 ltm<1.2.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36328 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44441 qimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44442 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44443 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44444 tor<0.4.8.8 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE tor<0.4.8.9 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE yt-dlp<2023.11.14 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46121 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-32919 webkit-gtk<2.38.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32933 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46705 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46725 webkit-gtk<2.42 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32359 webkit-gtk<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41983 webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852 gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328 gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329 gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429 gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446 vim<9.0.2106 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-48231 vim<9.0.2112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-48237 gnutls<3.8.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-5981 vim<9.0.2121 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-48706 samba4>=4.0<4.18.9 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 samba4>=4.19<4.19.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 py{27,38,39,310,311,312}-cryptography>=3.1<41.0.6 NULL-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-49083 perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038 webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916 webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917 go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218 curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219 fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284 modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-6377 modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-6478 opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660 asterisk<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk>=20<20.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk>=21<21.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=19<20 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50246 jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50268 webkit-gtk<2.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42883 webkit-gtk<2.42.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42890 openssh<9.6 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 putty<0.80 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46445 py{38,39,310,311,321}-asyncssh<2.14.2 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446 libssh<0.106 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-paramiko<3.4.0 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446 proftpd<1.3.8b extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 dropbear<2022.83nb1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 erlang<26.2.1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 libssh2<1.11.0nb2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 postfix<3.8.4 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51764 mysqld_exporter<0.15.1 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130 mysqld_exporter<0.15.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 postgres_exporter<0.15.0 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130 postgres_exporter<0.15.0 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 git-lfs<3.4.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 exim<4.97.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51766 nuclei<3.1.3 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 glow<1.5.1 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 sendmail<8.18.0.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51765 packer<1.9.5 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 ssh-chat-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 influxdb-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 lazygit-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 amfora-[0-9]* infinite-loop https://pkg.go.dev/vuln/GO-2021-0238 hub-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 nats-server-[0-9]* permissions-checking https://pkg.go.dev/vuln/GO-2022-0386 obfs4proxy-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-2153 terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 authelia-[0-9]* path-traversal https://pkg.go.dev/vuln/GO-2022-0355 authelia-[0-9]* out-of-bounds-read https://pkg.go.dev/vuln/GO-2021-0113 apisprout-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 gitea<1.22 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 gitea<1.22 improper-rendering https://pkg.go.dev/vuln/GO-2023-1988 openssh<9.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51385 libssh<0.10.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-6004 p5-Spreadsheet-ParseExcel<0.6600 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-7101 filezilla<3.66.4 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 libheif<1.17.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49462 libde265<1.0.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49468 gst-plugins1-bad<1.22.8 buffer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0011.html modular-xorg-server<21.1.11 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-6816 coreutils<9.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0684 gnutls<3.8.3 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0553 py{27,38,39,310,311,312}-Pillow<10.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-50447 postgresql-server>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nodejs>=16<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,37,38,39,310,311,312}-aiohttp<3.9.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-23334 py{27,37,38,39,310,311,312}-aiohttp<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23829 curl<8.6.0 out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-52071 mbedtls<2.28.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 mbedtls>=3<3.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 mbedtls<2.28.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 mbedtls>=3<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 opensc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-5992 py{27,37,38,39,310,311,312}-octoprint-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23637 glpi<10.0.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51446 glpi<10.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-23645 graphviz<10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-46045 expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52425 expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52426 webkit-gtk<2.42.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-23222 py{37,38,39,310,311,312}-django>=3.2<3.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{37,38,39,310,311,312}-django>=4.1<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{37,38,39,310,311,312}-django>=4.2<4.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 libuv>=1.24.0<1.48 address-check-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-24806 postgresql-server>=12<12.18 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=13<13.14 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=14<14.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=15<15.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=16<16.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 asterisk-13.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387 unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-4408 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5517 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5679 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50387 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50868 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-4408 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5517 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5679 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50387 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50868 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868 powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387 powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868 nss<3.98.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-5388 py{27,37,38,39,310,311,312}-dns<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483 py{27,37,38,39,310,311,312}-cryptography<42.0.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-26130 libcares<1.27.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25629 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944 ruby{27,30,31}-actionpack71>=7.1<7.1.3.1 denial-of-service https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946 ruby{27,30,31,32,33}-actionpack70>=7.0<7.0.8.1 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 ruby{27,30,31,32,33}-actionpack71>=7.1<7.1.3.2 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 ruby{27,30,31,32,33}-activestorage61>=6.1<6.1.7.7 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 ruby{27,30,31,32,33}-activestorage70>=7.0<7.0.8.1 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 ruby{27,30,31}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942 ruby{27,30,31}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942 py{27,37,38,39,310,311,312}-cbor2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26134 wolfssl<5.6.6 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-6936 mantis<2.26.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-23830 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24478 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24476 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24479 routinator<0.13.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-1622 yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2024-25760 fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25081 fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25082 opendmarc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-25768 py{37,38,39,310,311,312}-django>=3<3.2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{37,38,39,310,311,312}-django>=4<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{37,38,39,310,311,312}-django>=5<5.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 go121<1.21.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289 go121<1.21.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783 go122<1.22.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289 go122<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783 py{37,38,39,310,311,312}-fonttools>4.28.2<4.43.0 xml-external-entity-vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-45139 expat<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28757 python38<3.8.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python39<3.9.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python310<3.10.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python311<3.11.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python312<3.12.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 gnutls<3.8.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2024-28834 ruby31-base>=3.1<3.1.4nb3 buffer-overread https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ ruby31-base>=3.1<3.1.4nb3 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ ruby32-base>=3.2<3.2.3nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ ruby33>=3.3<3.3.0nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ firefox<124.0.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-29944 emacs<29.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-30205 webkit-gtk<2.44.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42950 curl<8.7.0 improper-validation-of-certificate https://nvd.nist.gov/vuln/detail/CVE-2024-2466 xz>=5.6<5.6.1nb100 backdoor https://www.openwall.com/lists/oss-security/2024/03/29/4 modular-xorg-server<21.1.12 heap-buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-31080 modular-xorg-xwayland<23.2.5 heap-buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-31080 nodejs>=18<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=20<20.12.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=21<21.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 go121<1.21.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 go122<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 nghttp2<1.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 apache<2.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-2753 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3178 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3179 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3180 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3181 p5-HTTP-Body<1.23 shell-escape https://nvd.nist.gov/vuln/detail/CVE-2013-4407 php>=8.1<8.1.28 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.1.11<8.1.28 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.1<8.1.28 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=8.2<8.2.18 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.2<8.2.18 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.2<8.2.18 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=8.3<8.3.5 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.3<8.3.5 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.3<8.3.5 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=7.4<8.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>=8.0<8.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages putty<0.81 secret-key-recovery https://nvd.nist.gov/vuln/detail/CVE-2024-31497 filezilla<3.67.0 secret-key-recovery https://nvd.nist.gov/vuln/detail/CVE-2024-31497 ruby31-base>=3.1<3.1.5 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ ruby32-base>=3.2<3.2.4 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ ruby33>=3.3<3.3.1 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ R<4.4.0 arbirary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-27322 py{27,37,38,39,310,311,312}-aiohttp<3.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-30251 p5-Email-MIME<1.954 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4140 uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402 uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403 tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606 unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655 phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715 go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004 git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020 git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465 dino<0.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28686 ghostscript-gpl-[0-9]* unknown https://nvd.nist.gov/vuln/detail/CVE-2023-52722 ghostscript-agpl<10.03.1 unknown https://nvd.nist.gov/vuln/detail/CVE-2023-52722 asterisk<18.23.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 asterisk>=20<20.8.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 asterisk>=21<21.3.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 keepassxc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-33900 keepassxc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-33901 py{27,37,38,39,310,311,312}-requests<2.32.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-35195 py{37,38,39,310,311,312}-mysql<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-36039 gst-plugins1-base<1.24.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-4453 lighttpd-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-3708 libarchive<3.7.4 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-26256 nginx<1.26.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31079 nginx<1.26.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34161 php>=8.1<8.1.29 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 php>=8.2<8.2.20 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 php>=8.3<8.3.8 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 vte<0.76.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-37535 vte3<0.76.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-37535 libxml2<2.12.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-25062 libxml2<2.12.7 buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-34459 python38<3.8.20 race-condition https://github.com/python/cpython/issues/114572 python39<3.9.20 race-condition https://github.com/python/cpython/issues/114572 python310<3.10.4 race-condition https://github.com/python/cpython/issues/114572 python311<3.11.9 race-condition https://github.com/python/cpython/issues/114572 python312<3.12.3 race-condition https://github.com/python/cpython/issues/114572 python38<3.8.20 ip-range-classification https://github.com/python/cpython/issues/113171 python39<3.9.20 ip-range-classification https://github.com/python/cpython/issues/113171 python310<3.10.15 ip-range-classification https://github.com/python/cpython/issues/113171 python311<3.11.10 ip-range-classification https://github.com/python/cpython/issues/113171 python312<3.12.4 ip-range-classification https://github.com/python/cpython/issues/113171 emacs29<29.4 remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@localhost/ emacs28-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@localhost/ emacs27-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@localhost/ emacs26-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@localhost/ samba4<4.19.7 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 samba4>=4.20<4.20.2 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 mit-krb5>=1.3<1.21.3 truncate-message https://nvd.nist.gov/vuln/detail/CVE-2024-37370 mit-krb5>=1.3<1.21.3 invalid-memory-read https://nvd.nist.gov/vuln/detail/CVE-2024-37371 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-39573 apache<2.4.60 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38477 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-38476 apache<2.4.60 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-38475 apache<2.4.60 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-38474 apache<2.4.60 bypass-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-38473 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-38472 apache<2.4.60 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-36387 apache<2.4.61 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-39884 znc<1.9.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-39844 7-zip<24.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-52168 py{37,38,39,310,311,312}-django>=4<4.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38875 py{37,38,39,310,311,312}-django>=5<5.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38875 exim<4.98 smtp-smuggling-attack https://nvd.nist.gov/vuln/detail/CVE-2023-51766 py{38,39,310,311,312}-httpie-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-48052 exiv2<0.28.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-39695 apache<2.4.62 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-40725 mit-krb5<1.21.3 truncated-token https://nvd.nist.gov/vuln/detail/CVE-2024-37370 mit-krb5<1.21.3 invalid-memory-reads https://nvd.nist.gov/vuln/detail/CVE-2024-37371 libcurl-gnutls>8.6.0<8.9.0 free-of-memory-not-on-heap https://nvd.nist.gov/vuln/detail/CVE-2024-6197 mysql-client-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-client-5.7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages orc<0.4.39 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-40897 curl<8.9.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-7264 vim<9.1.0647 double-free https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4 vim<9.1.0648 double-free https://github.com/vim/vim/security/advisories/GHSA-46pw-v7qw-xc2f py{37,38,39,310,311,312}-django>=4<4.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-41991 py{37,38,39,310,311,312}-django>=5<5.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-41991 php{56,74,80,81,82,83}-roundcube<1.6.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-42009 nodejs>=18<18.20.4 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-22020 dovecot<2.3.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23184 dovecot<2.3.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23185 unbound<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-43167 webkit-gtk<2.44.3 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-4558 py{38,39,310,311,312}-WebOb<1.8.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2024-42353 vim<9.1.0689 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm python38<3.8.20 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python39<3.9.20 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python310<3.10.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python311<3.11.10 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python312<3.12.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 apr<1.7.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-49582 vim<9.1.0697 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh vim<9.1.0707 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-wxf9-c5gx-qrwr go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34155 go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34156 go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34158 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34155 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34156 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34158 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45490 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45491 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45492 python38<3.8.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python39<3.9.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python310<3.10.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python311<3.11.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python312<3.12.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 openssl<3.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6119 py{38,39,310,311,312}-django>=4<4.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45230 py{38,39,310,311,312}-django>=5<5.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45230 gtk3+<3.24.43 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-6655 libcurl-gnutls<8.10.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-8096 webkit-gtk<2.46.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-40857 olm-[0-9]* observable-timing-discrepancy https://nvd.nist.gov/vuln/detail/CVE-2024-45191 olm-[0-9]* use-of-a-broken-or-risky-cryptographic-algorithm https://nvd.nist.gov/vuln/detail/CVE-2024-45193 olm-[0-9]* convert-timing-channel https://nvd.nist.gov/vuln/detail/CVE-2024-45192 olm-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47176 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47076 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47175 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47177 unbound<1.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8508 powerdns-recursor<4.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25590 libgsf<1.14.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-42415 python38-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libarchive<3.7.5 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-48957 libarchive<3.7.5 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-48958 element-web<1.11.81 expose-access-tokens https://nvd.nist.gov/vuln/detail/CVE-2024-47771 mpg123<1.32.8 heap-buffer-overflow https://mpg123.org/cgi-bin/news.cgi#2024-10-26 modular-xorg-server<21.1.14 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-9632 modular-xorg-xwayland<24.1.4 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-9632 webkit-gtk<2.46.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-44244 curl<8.11.0 comparison-using-wrong-factors https://nvd.nist.gov/vuln/detail/CVE-2024-9681 libsoup3<3.6.0 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2024-52530 libsoup3<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52532 openafs<1.6.25 privilege-escalation http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt openafs>=1.7<1.8.13 privilege-escalation http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt openafs<1.6.25 denial-of-service http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt openafs>=1.7<1.8.13 denial-of-service http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt openafs<1.6.25 buffer-overflow http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt openafs>=1.7<1.8.13 buffer-overflow http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt postgresql-server>=12<13 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wget<1.25.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-10524 webkit-gtk<2.46.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-44308 py{38,39,310,311,312}-django>=4<4.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-53907 py{38,39,310,311,312}-django>=5<5.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-53907 curl<8.11.1 credential-leak https://nvd.nist.gov/vuln/detail/CVE-2024-11053 gstreamer-1.24.10 multiple-vulnerabilities https://discourse.gstreamer.org/t/gstreamer-1-24-10-stable-bug-fix-release/3683 firefox<131.0.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 firefox128<128.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 firefox115<115.16.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 liboqs<0.12.0 incorrect-decapsulation https://nvd.nist.gov/vuln/detail/CVE-2024-54137 #CHECKSUM SHA1 2d1d09de77bfd8bbfe4fc8fd12f92a3338d659c6