# $NetBSD: pkg-vulnerabilities,v 1.263 2024/09/27 07:09:23 wiz Exp $ # #FORMAT 1.0.0 # # Please read "Handling packages with security problems" in the pkgsrc # guide before editing this file. # # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package, and to contain # entries for packages which have been removed from pkgsrc. # # New entries should be added at the end of this file. # # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. # # The command to run for this update is "./pkg-vuln-update.sh", but it needs # access to the private GPG key for pkgsrc-security. # # If you have comments/additions/corrections, please contact # pkgsrc-security@NetBSD.org. # # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. # # package type of exploit URL cfengine<1.5.3nb3 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc navigator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html navigator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc communicator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html communicator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc pine<4.30 remote-user-shell http://www.securityfocus.com/bid/1709 pine<4.21nb1 denial-of-service http://www.securityfocus.com/advisories/2646 imap-uw<4.7c6 denial-of-service http://www.securityfocus.com/advisories/2646 screen<3.9.5nb1 local-root-shell http://www.securityfocus.com/advisories/2634 ntop<1.1 remote-root-shell http://www.securityfocus.com/advisories/2520 wu-ftpd<2.6.1 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc wu-ftpd<2.4.2b18.2 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc xlockmore<4.17 local-root-file-view ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc lsof<4.41 local-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc wu-ftpd<2.6.0 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc racoon<20001004a local-root-file-view http://mail-index.NetBSD.org/tech-net/2000/09/24/0000.html global<3.56 remote-user-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=11165 apache<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 apache6<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 thttpd<2.20 remote-user-access http://www.dopesquad.net/security/advisories/20001002-thttpd-ssi.txt bind<8.2.2.7 denial-of-service http://www.isc.org/products/BIND/bind-security.html gnupg<1.0.4 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001017 pine<=4.21 remote-root-shell ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc navigator<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc navigator3<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding ethereal<=0.8.13 remote-root-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ffromthread%3D1%26end%3D2000-11-25%26mid%3D145761%26start%3D2000-11-19%26list%3D1%26threads%3D0%26 php<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-gd<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-ldap<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-mysql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-pgsql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-snmp<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 racoon<20001211a denial-of-service http://www.kame.net/ LPRng<3.6.25 remote-root-shell http://www.cert.org/advisories/CA-2000-22.html jakarta-tomcat<3.1.1 remote-server-admin http://jakarta.apache.org/site/news.html jakarta-tomcat<3.2.3 cross-site-html http://www.securityfocus.com/bid/2982 fsh<1.1 local-root-file-view http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1135 bitchx<1.0.3.17nb1 remote-user-shell http://www.securityfocus.com/bid/2087 namazu<1.3.0.11 remote-file-creation http://www.namazu.org/security.html.en zope<2.2.5 weak-authentication http://www.zope.org/Products/Zope/ bind<8.2.3 remote-root-shell http://www.cert.org/advisories/CA-2001-02.html suse{,32}_base<6.4nb2 local-root-shell http://www.suse.com/de/support/security/2001_001_glibc_txt.txt ja-micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html camediaplay<20010211 local-user-shell ftp://ftp.itojun.org/pub/digi-cam/C-400/unix/README analog<4.16 remote-user-shell http://www.analog.cx/security2.html gnupg<1.0.4nb3 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001130 xemacs<21.1.14 remote-user-shell http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html sudo<1.6.3p6 local-root-shell http://www.openbsd.org/errata36.html#sudo Mesa-glx<=20000813 local-root-shell http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3?dis=7.2 apache<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html apache6<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html exmh<2.3 local-symlink-race http://www.beedub.com/exmh/symlink.html samba<2.0.8 local-symlink-race http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370 hylafax<4.1b3 local-root-shell http://www.securityfocus.com/archive/1/176716 squirrelmail<1.0.5 remote-user-access http://www.geocrawler.com/lists/3/SourceForge/599/500/5567091/ kdelibs-2.1 local-root-shell http://dot.kde.org/988663144/ icecast<1.3.10 remote-user-access http://www.securityfocus.com/bid/2264 joe<2.8nb1 local-file-write http://www.securityfocus.com/bid/1959 joe<2.8nb1 local-user-shell http://www.securityfocus.com/bid/2437 openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie w3m<0.2.1.0.19nb1 remote-user-shell http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html samba<2.0.10 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0nb1 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html fetchmail<5.8.8 remote-user-access http://www.securityfocus.com/vdb/?id=2877 openldap<1.2.12 denial-of-service http://www.cert.org/advisories/CA-2001-18.html horde<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 imp<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 fetchmail<5.8.17 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D203165 windowmaker<0.65.1 remote-user-shell http://www.debian.org/security/2001/dsa-074 sendmail<8.11.6 local-root-shell ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES gnut<0.4.27 remote-script-inject http://www.gnutelliums.com/linux_unix/gnut/ screen<3.9.10 local-root-shell http://lists.opensuse.org/opensuse-security-announce/2000-Sep/0005.html openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29 w3m<0.2.1.0.19nb2 weak-authentication http://mi.med.tohoku.ac.jp/~satodai/w3m-dev/200109.month/2226.html procmail<3.20 local-root-shell http://www.somelist.com/mail.php/282/view/1200950 slrn<0.9.7.2nb1 remote-script-inject http://slrn.sourceforge.net/patches/index.html#subsect_decode nvi-m17n<1.79.19991117 local-user-shell http://www.securityfocus.com/archive/1/221880 mgetty<1.1.22 denial-of-service ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A71.mgetty.asc kdeutils-2.2.1 local-root-shell http://lists.kde.org/?l=kde-announce&m=100535642201983&w=2 imp<2.2.7 remote-file-view http://www.securityfocus.com/archive/1/225686 libgtop<1.0.12nb1 remote-user-shell http://www.intexxia.com/ wu-ftpd<=2.6.1 remote-root-shell http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/199.html radius-3.6B remote-user-shell http://xforce.iss.net/alerts/advise87.php exim<3.34 remote-user-shell http://www.exim.org/pipermail/exim-announce/2001q4/000048.html stunnel<3.22 remote-user-shell http://www.stunnel.org/patches/desc/formatbug_ml.html mutt<1.2.5.1 remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.1* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.2[0-4]* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html cyrus-sasl<1.5.27 remote-code-execution http://www.securityfocus.com/bid/3498 openldap<2.0.20 denial-of-service http://www.openldap.org/lists/openldap-announce/200201/msg00002.html xchat<1.8.7 remote-command-injection http://xchat.org/ enscript<1.6.1nb1 local-file-write http://www.securityfocus.com/bid/3920 rsync<2.5.2 remote-code-execution http://lists.samba.org/pipermail/rsync-announce/2002-January/000005.html squirrelmail-1.2.[0-3] remote-code-execution http://www.securityfocus.com/bid/3952 gnuchess<5.03 remote-user-shell http://linux.oreillynet.com/pub/a/linux/2002/01/28/insecurities.html ucd-snmp<4.2.3 weak-authentication http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3 denial-of-service http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3nb1 remote-user-shell http://www.securityfocus.com/archive/1/248141 squid<2.4.4 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_1.txt ap-php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.1pl2 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.3.0 remote-code-execution http://www.php.net/release_4_3_1.php radiusd-cistron<1.6.6 denial-of-service http://www.kb.cert.org/vuls/id/936683 radiusd-cistron<1.6.6 remote-code-execution http://www.kb.cert.org/vuls/id/589523 openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt htdig<3.1.6 denial-of-service http://online.securityfocus.com/bid/3410 htdig<3.1.6 local-user-file-view http://online.securityfocus.com/bid/3410 fileutils<4.1.7 local-file-removal http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002433.html zlib<1.1.4 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt rsync<2.5.3 remote-user-file-view http://lists.samba.org/pipermail/rsync-announce/2002-March/000006.html suse{,32}_base<6.4nb5 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt icecast<1.3.11 remote-root-shell http://www.debian.org/security/2001/dsa-089 sun-{jre,jdk}<1.3.1.0.2 remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba analog<5.22 remote-script-inject http://www.analog.cx/docs/whatsnew.html jakarta-tomcat<3.2.3nb1 cross-site-scripting http://httpd.apache.org/info/css-security/ sudo<1.6.6 local-root-shell http://www.sudo.ws/sudo/alerts/prompt.html squirrelmail<1.2.6 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00414.html analog<5.23 denial-of-service http://www.analog.cx/security5.html icecast<1.3.12 denial-of-service http://online.securityfocus.com/bid/4415 qpopper<4.0.4 denial-of-service http://online.securityfocus.com/bid/4295 qpopper<4.0.4nb1 local-root-shell http://online.securityfocus.com/bid/4614 imap-uw<2001.1 local-root-shell http://online.securityfocus.com/bid/4713 fetchmail<5.9.10 remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146 gaim<0.58 local-user-file-view http://online.securityfocus.com/archive/1/272180 mozilla<1.0rc3 remote-user-file-view http://groups.google.com/groups?as_umsgid=3CD095D4.9050003%40mozilla.org&hl=en ethereal<0.9.4 remote-user-access http://www.ethereal.com/appnotes/enpa-sa-00004.html bind-9.[01].* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.0* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.1rc* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-8.3.0 denial-of-service http://www.isc.org/products/BIND/bind8.html xchat<1.8.9 remote-user-shell http://www.linuxsecurity.com/advisories/redhat_advisory-2107.html apache<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache6<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.1? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.2? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.3[0-8]* remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt irssi<0.8.5 denial-of-service http://online.securityfocus.com/archive/1 #ap-ssl<2.8.10 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt ap-ssl<2.8.10 remote-root-shell http://www.modssl.org/news/changelog.html apache<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt apache6<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt bind<4.9.7nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat12<=1.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat13<=1.3.3nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html compat14<1.4.3.2 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html openssh<3.4 remote-root-shell https://nvd.nist.gov/vuln/detail/CVE-2002-0639 #bind<=9.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html bind<8.3.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html socks5<1.0.2nb2 remote-root-shell http://online.securityfocus.com/archive/1/9842 socks5-1.0.[3-9]* remote-root-shell http://online.securityfocus.com/archive/2/9842 socks5-1.0.1[0-1]* remote-root-shell http://online.securityfocus.com/archive/2/9842 ipa<1.2.7 local-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=17434 ethereal<0.9.5 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00005.html squid<2.4.7 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_3.txt nn<6.6.4 remote-user-shell http://online.securityfocus.com/bid/5160 inn<2.3.0 remote-user-shell http://online.securityfocus.com/bid/2620 cvsup-gui<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html cvsup<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html xpilot<4.5.1 remote-user-shell http://online.securityfocus.com/bid/4534 gnut<0.4.28 remote-user-shell http://online.securityfocus.com/bid/3267/ wwwoffle<2.7c denial-of-service http://bespin.org/~qitest1/adv/wwwoffle-2.7b.asc png<1.2.4 remote-user-shell ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html ap-php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html srp_client<1.7.5 unknown http://www-cs-students.stanford.edu/~tjw/srp/download.html hylafax<4.1.3 remote-root-shell http://www.securityfocus.com/bid/3357 openssl<0.9.6e remote-root-shell http://www.openssl.org/news/secadv_20020730.txt libmm<1.2.1 local-root-shell http://online.securityfocus.com/bid/5352 openssl<0.9.6f denial-of-service http://www.openssl.org/news/secadv_20020730.txt png<=1.0.12 remote-user-shell http://online.securityfocus.com/bid/5409 kdelibs-2.1.* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.1* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.2{,nb1} weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-3.0.[12] weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 arla<0.35.9 denial-of-service http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html arla<0.35.9 remote-root-shell http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html ethereal<0.9.6 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00006.html bind<4.9.10 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14-crypto<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 postgresql-server<7.2.2 remote-code-execution http://online.securityfocus.com/archive/1/288998 gaim<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 gaim-gnome<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 mozilla<1.1 remote-file-read http://archives.neohapsis.com/archives/bugtraq/2002-07/0259.html mozilla<1.1 remote-file-read http://www.geocities.co.jp/SiliconValley/1667/advisory03e.html freebsd_lib<=2.2.7 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html opera<6.03 remote-user-shell http://www.opera.com/linux/changelog/log603.html wmnet<1.06nb3 local-root-shell http://www.securiteam.com/unixfocus/5HP0F1P8AM.html apache-2.0.3[0-9]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 apache-2.0.4[0-1]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 fetchmail<6.1.0 remote-code-execution http://security.e-matters.de/advisories/032002.html unzip<=5.42 local-file-write http://online.securityfocus.com/archive/1/196445 apache-2.0.3[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache-2.0.4[0-2]* remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 net-snmp<5.0.5 denial-of-service http://sourceforge.net/forum/forum.php?forum_id=215540 sendmail<8.12.6nb1 local-user-shell http://www.sendmail.org/smrsh.adv.txt apache<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache6<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache6<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache6<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 gv<3.5.8nb2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569 logsurfer<1.5.2 local-user-shell http://www.cert.dfn.de/eng/team/wl/logsurf/ suse{,32}_base<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html suse{,32}_devel<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html kdegraphics<2.2.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdegraphics-3.0.[123]* remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdenetwork-3.0.[123]* remote-file-read http://www.kde.org/info/security/advisory-20021008-2.txt gtar-base<1.13.25 local-file-write http://online.securityfocus.com/archive/1/196445 kth-krb4<1.2.1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/6049 inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/4501 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5825 fetchmail<6.1.0 denial-of-service http://online.securityfocus.com/bid/5826 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5827 squirrelmail<1.2.8 remote-script-inject http://online.securityfocus.com/bid/5763 bind<4.9.10nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html bind<8.3.3nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html samba-2.2.[2-6]* remote-root-shell http://www.samba.org/samba/whatsnew/samba-2.2.7.html windowmaker<0.80.2 remote-user-shell http://www.windowmaker.org/ ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619 w3m<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html w3m-img<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html Canna-server-bin<3.5.2nb3 remote-root-shell http://canna.sourceforge.jp/sec/Canna-2002-01.txt windowmaker<0.80.2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277 kdelibs-2.1.* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.1* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.2{,nb[123]} remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.[123]* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.4 remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdenetwork-2.[12]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.[123]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.4{,nb1} remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt cyrus-imapd<2.0.17 remote-code-execution http://www.securityfocus.com/bid/6298 cyrus-imapd-2.1.9{,nb1} remote-code-execution http://www.securityfocus.com/bid/6298 imap-uw<2002.1rc1 remote-code-execution http://www.kb.cert.org/vuls/id/961489 cyrus-sasl-2.1.9{,nb[12]} remote-code-execution http://online.securityfocus.com/archive/1/302603 fetchmail<6.2.0 remote-code-execution http://security.e-matters.de/advisories/052002.html mysql-client<3.23.49nb2 remote-code-execution http://security.e-matters.de/advisories/042002.html mysql-server<3.23.49nb1 remote-code-execution http://security.e-matters.de/advisories/042002.html pine<4.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 w3m{,-img}<0.3.2.2 remote-file-read http://sourceforge.net/project/shownotes.php?group_id=39518&release_id=126233 ethereal<0.9.8 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00007.html wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt cups<1.1.18 remote-root-shell http://www.idefense.com/advisory/12.19.02.txt png<1.2.5nb2 unknown ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212 leafnode<1.9.30 denial-of-service http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0123.html cups<1.1.18 local-code-execution http://online.securityfocus.com/bid/6475 xpdf<=2.01 local-code-execution http://online.securityfocus.com/bid/6475 mhonarc<2.5.14 cross-site-scripting http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com libmcrypt<2.5.5 remote-user-shell http://online.securityfocus.com/archive/1/305162/2003-01-01/2003-01-07/0 kdebase<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegames<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegraphics<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdelibs<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdemultimedia<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdenetwork<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdepim<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdesdk<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdeutils<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt cvs<1.11.4nb1 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=51 gabber<0.8.7nb4 privacy-leak http://online.securityfocus.com/archive/1/307430 spamassassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html p5-Mail-SpamAssassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html squirrelmail<1.2.11 cross-site-scripting http://www.squirrelmail.org/ openssl<0.9.6gnb1 weak-encryption http://www.openssl.org/news/secadv_20030219.txt php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.3{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 sendmail<8.11.6nb3 remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7] remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7]nb* remote-code-execution http://www.cert.org/advisories/CA-2003-07.html snort<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-pgsql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-mysql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 hypermail<2.1.7 remote-code-execution http://www.hypermail.org/mail-archive/2003/Feb/0025.html zlib<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107 ethereal-0.8.[7-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html ethereal-0.9.[0-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html qpopper<4.0.5 remote-user-shell http://archives.neohapsis.com/archives/bugtraq/2003-03/0152.html ircII<20030313 remote-code-execution http://eterna.com.au/ircii/ samba<2.2.8 remote-code-execution http://us1.samba.org/samba/whatsnew/samba-2.2.8.html openssl<0.9.6gnb2 remote-key-theft http://www.openssl.org/news/secadv_20030317.txt openssl<0.9.6gnb2 remote-use-of-secret http://www.openssl.org/news/secadv_20030319.txt mutt<1.4.1 remote-code-execution http://www.securityfocus.com/archive/1/315771/2003-03-19/2003-03-25/0 rxvt<2.7.10 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 eterm<0.9.2 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 apcupsd<3.8.6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 apcupsd-3.10.[0-4] remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 ap-php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ja-samba<2.2.7.1.1.1 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030317-2.html bitchx<1.0.3.19nb1 remote-code-execution http://www.securityfocus.com/archive/1/315057 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apache-2.0.4[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apcupsd<3.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 apcupsd-3.10.[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 setiathome<3.08 remote-code-execution http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Seti@home samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html mgetty+sendfax<1.1.29 file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392 mgetty+sendfax<1.1.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391 ja-samba<2.2.7.2.1.0 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030409-2.html kde<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdelibs<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdebase<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdegraphics<3.1.1nb2 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt snort<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-pgsql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-mysql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 poppassd<4.0.5nb1 local-root-shell http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0 ethereal<0.9.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00009.html gnupg<1.2.2 weak-authentication http://www.securityfocus.com/archive/1/320444 lv<4.49.5 local-code-execution http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=190941 bitchx<1.0.3.19nb2 denial-of-service http://www.securityfocus.com/archive/1/321093 suse{,32}_libpng<7.3nb1 remote-user-shell http://www.suse.com/de/security/2003_004_libpng.html apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 apache-2.0.4[0-5] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 suse{,32}_base<7.3nb4 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html suse{,32}_devel<7.3nb2 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html cups<1.1.19 denial-of-service http://www.cups.org/str.php?L75 speakfreely<=7.5 remote-code-execution http://www.securityfocus.com/archive/1/324257/2003-06-06/2003-06-12/0 ethereal<0.9.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00010.html xpdf<2.02pl1 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.07 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.08 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-July/006342.html ImageMagick<5.5.7.1 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455 apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 apache-2.0.4[0-6] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 falcons-eye<1.9.3nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 xconq<7.4.1nb1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607 mhonarc<2.6.4 cross-site-scripting http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3128&group_id=1968 wu-ftpd<2.6.2nb1 remote-root-shell http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt lftp<2.5.3 remote-user-shell http://freshmeat.net/releases/87364/ postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 xfstt<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581 xfstt<1.5.1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625 stunnel<3.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 stunnel-4.0[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/ horde<2.2.4rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 imp<3.2.2rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 gopher<3.0.6 remote-root-shell http://www.securityfocus.com/archive/1/328843/2003-08-18/2003-08-24/2 unzip<5.50nb2 weak-path-validation http://www.securityfocus.com/archive/1/334070/2003-08-18/2003-08-24/2 xmule-[0-9]* remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-August/008449.html sendmail-8.12.[0-8]nb* denial-of-service http://www.sendmail.org/dnsmap1.html exim<3.36 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html exim>=4<4.22 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html leafnode<1.9.42 denial-of-service http://www.securityfocus.com/archive/1/336186 p5-Apache-Gallery<0.7 local-user-shell http://www.securityfocus.com/archive/1/336583/2003-09-06/2003-09-12/0 pine<4.58 remote-code-execution http://www.idefense.com/advisory/09.10.03.txt net-snmp<5.0.9 privacy-leak http://sourceforge.net/forum/forum.php?forum_id=308015 gtkhtml<1.1.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541 sane-backends<1.0.11 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 sane-backends<1.0.11 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 apache<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 apache6<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 mysql-server<3.23.49nb5 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv sendmail<8.12.10 unknown http://www.sendmail.org/8.12.10.html thttpd<2.23.0.1nb1 remote-code-execution http://marc.theaimsgroup.com/?l=thttpd&m=106402145912879&w=2 openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv proftpd<1.2.8nb2 remote-root-shell http://xforce.iss.net/xforce/alerts/id/154 cfengine-2.0.[0-7]* remote-code-execution http://www.securityfocus.com/archive/1/339083/2003-09-22/2003-09-28/0 mplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 gmplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 marbles<1.0.2nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830 ncftp3<3.1.6 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 openssl<0.9.6k remote-root-shell http://www.openssl.org/news/secadv_20030930.txt vmware3<3.2.1pl1 local-root-shell http://marc.theaimsgroup.com/?l=gentoo-announce&m=106181867621048&w=2 fetchmail<6.2.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790 kdelibs<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ kdebase<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ silc-client<0.9.13 denial-of-service http://silcnet.org/txt/security_20031016_1.txt silc-server<0.9.14 denial-of-service http://silcnet.org/txt/security_20031016_1.txt sylpheed-claws-0.9.4{,nb1} denial-of-service http://www.guninski.com/sylph.html vtun<2.6nb1 privacy-leak ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch libnids<=1.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 apache<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache6<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 apache-2.0.4[0-7] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 sun-{jre,jdk}13<1.0.9 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity sun-{jre,jdk}14<2.0 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity thttpd<2.24 remote-code-execution http://www.texonet.com/advisories/TEXONET-20030908.txt coreutils<5.0nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 coreutils<5.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 hylafax<4.1.8 remote-code-execution http://www.securiteam.com/unixfocus/6O00D0K8UI.html quagga<0.96.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 zebra<0.93bnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 pan<0.13.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855 ethereal<0.9.15 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00011.html mozilla{,-bin}<1.5 remote-code-execution http://www.mozilla.org/projects/security/known-vulnerabilities.html screen<4.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972 gnupg<1.2.3nb2 weak-authentication http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html rsync<2.5.7 remote-user-shell http://www.mail-archive.com/rsync@lists.samba.org/msg08782.html audit-packages<1.26 no-exploit-but-less-integrity-so-please-upgrade http://mail-index.netbsd.org/tech-pkg/2003/11/30/0001.html cvs<1.11.10 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=84 lftp<2.6.10 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html opera<7.23 remote-file-delete http://opera.rainyblue.org/modules/cjaycontent/index.php?id=1 mgetty+sendfax<=1.1.30 file-permissions http://mail-index.netbsd.org/tech-pkg/2003/11/18/0003.html cvs<1.11.11 privilege-escalation https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=88 ethereal<0.10.0 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00012.html bind<8.4.3 cache-poisoning http://www.kb.cert.org/vuls/id/734644 mpg321<0.2.10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 mailman<2.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965 racoon<20040116a remote-sa-delete http://www.securityfocus.com/archive/1/349756 gaim<0.75nb1 remote-code-execution http://security.e-matters.de/advisories/012004.html freeradius<0.9.3 denial-of-service http://www.freeradius.org/security.html#0.9.2 libtool-base<1.5.2nb3 local-symlink-race http://www.securityfocus.com/archive/1/352519 jitterbug<1.6.2nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 mpg123<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-esound<0.59.18nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-nas<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 clamav<0.66 denial-of-service http://www.securityfocus.com/archive/1/353186 mutt<1.4.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078 metamail<2.7nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104 xboing<2.4nb2 privilege-escalation http://www.debian.org/security/2004/dsa-451 libxml2<2.6.6 remote-user-shell http://lists.gnome.org/archives/xml/2004-February/msg00070.html automake<1.8.3 privilege-escalation http://www.securityfocus.com/archive/1/356574/2004-03-05/2004-03-11/2 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.? remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.4[0-8] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache6<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 gdk-pixbuf<0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111 openssl<0.9.6l denial-of-service http://www.openssl.org/news/secadv_20031104.txt openssl<0.9.6m denial-of-service http://www.openssl.org/news/secadv_20040317.txt isakmpd<=20030903nb1 denial-of-service http://www.rapid7.com/advisories/R7-0018.html ghostscript-gnu<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-nox11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-x11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 python22<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 python22-pth<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 squid<2.5.5 weak-acl-enforcement http://www.squid-cache.org/Advisories/SQUID-2004_1.txt ethereal<0.10.3 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00013.html mplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 gmplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 mencoder<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 heimdal<0.6.1 remote-trust http://www.pdc.kth.se/heimdal/advisory/2004-04-01/ uulib<0.5.20 archive-code-execution http://www.securityfocus.com/bid/9758 racoon<20040408a weak-authentication http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html xchat<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7] remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7]nb* remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8nb1 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-gnome<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html cvs<1.11.15 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=102 neon<0.24.5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179 tla<1.2.1rc1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 cadaver<0.22.1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 lha<1.14i local-code-execution http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm mplayer>=1.0rc0<1.0rc4 remote-code-execution http://www.mplayerhq.hu/homepage/design6/news.html xine-lib-1rc[0-2]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 xine-lib-1rc3[ab]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 rsync<2.6.1 remote-file-write http://rsync.samba.org/#security_apr04 exim<3.36nb2 remote-code-execution http://www.guninski.com/exim1.html exim>=4<4.30 remote-code-execution http://www.guninski.com/exim1.html exim-exiscan-4.[0-2]* remote-code-execution http://www.guninski.com/exim1.html pine<4.58nb4 local-symlink-race http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=22226 xine-lib-1rc[0-3]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-3 global<4.6 remote-exec http://savannah.gnu.org/forum/forum.php?forum_id=2029 opera<7.50 remote-file-write http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true lha<114.9nb2 remote-code-execution http://www.securityfocus.com/bid/10243 apache<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache6<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache6<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache6<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 kdelibs<3.2.2nb2 remote-file-write http://www.kde.org/info/security/advisory-20040517-1.txt subversion-base<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 subversion-base<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 neon<0.24.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cvs-1.11.1[0-5] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cadaver<0.22.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 ap-ssl<2.8.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 squirrelmail<1.4.3 cross-site-scripting http://www.securityfocus.com/bid/10246/ ethereal<0.10.4 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00014.html apache-2.0.49{,nb1} remote-code-execution http://www.securityfocus.com/bid/10355 roundup<0.7.3 remote-file-read http://cvs.sourceforge.net/viewcvs.py/*checkout*/roundup/roundup/CHANGES.txt?rev=1.533.2.21 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.1[0-6]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 subversion-base<1.0.5 denial-of-service http://www.contactor.se/~dast/svn/archive-2004-06/0331.shtml racoon<20040617a weak-authentication http://www.securitytracker.com/alerts/2004/Jun/1010495.html mit-krb5<1.3.4 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt imp<3.2.4 cross-site-scripting http://securityfocus.com/bid/10501/info/ gmplayer<1.0rc4nb2 remote-code-execution http://www.open-security.org/advisories/5 ethereal<0.10.5 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00015.html courier-auth<0.45 remote-code-execution http://www.securityfocus.com/bid/9845 courier-imap<3.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 sqwebmail<4.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 ap-ssl<2.8.19 remote-code-execution http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html ap{2,22}-subversion<1.0.6 weak-acl-enforcement http://www.contactor.se/~dast/svn/archive-2004-07/0814.shtml samba<2.2.10 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html samba-3.0.[0-4]{,a*,nb?} remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html ja-samba<2.2.9.1.0nb1 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html acroread5<5.09 arbitrary-code-execution http://kb2.adobe.com/cps/322/322914.html png<1.2.6rc1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-7.3{,nb1} remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-9.1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng<=6.4 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 cfengine-2.0.* remote-code-execution http://www.securityfocus.org/advisories/7045 cfengine-2.1.[0-7] remote-code-execution http://www.securityfocus.org/advisories/7045 spamassassin<2.64 denial-of-service http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2 kdelibs<3.2.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 kdelibs<3.2.3nb2 local-account-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 kdelibs<3.2.3nb2 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 kdebase<3.2.3nb1 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 opera<7.54 remote-file-read http://www.greymagic.com/security/advisories/gm008-op/ opera<7.54 www-address-spoof http://secunia.com/advisories/12162/ rsync<2.6.2nb1 remote-file-access http://samba.org/rsync/#security_aug04 lukemftpd-[0-9]* remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc tnftpd<20040810 remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc demime<1.1d denial-of-service http://scifi.squawk.com/demime.html kdelibs<3.2.3nb2 www-session-fixation http://www.kde.org/info/security/advisory-20040823-1.txt fidogate<4.4.9nb1 local-file-write http://sourceforge.net/tracker/index.php?func=detail&aid=1013726&group_id=10739&atid=310739 qt3-libs<3.3.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=0 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=1 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=2 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=3 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=4 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=5 gaim<0.82 denial-of-service http://gaim.sourceforge.net/security/index.php?id=6 zlib<1.2.1nb2 denial-of-service http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html imlib2<1.1.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 mit-krb5<1.3.4nb2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt mit-krb5<1.3.4nb2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt mpg123<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-esound<0.59.18nb2 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-nas<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 heimdal<0.6.3 remote-root-access http://www.pdc.kth.se/heimdal/advisory/2004-09-13/ MozillaFirebird{,-gtk2}{,-bin}<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ mozilla<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-bin<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-gtk2<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ thunderbird<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-bin<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-gtk2<0.8 remote-code-execution http://secunia.com/advisories/12526/ xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 sudo-1.6.8 local-file-read http://www.sudo.ws/sudo/alerts/sudoedit.html apache-2.0.[0-4]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 wv<=1.0.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 apache-2.0.51 weak-acl-enforcement http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31315 apache-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 apache6-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 ImageMagick<6.0.6.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827 ap{2,22}-subversion<1.0.8 metadata-leak http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt squid<2.5.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html gzip-base<1.2.4b remote-code-execution http://www.securityfocus.com/bid/3712 squid<2.5.7 denial-of-service http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities tiff<3.6.1nb4 remote-code-execution http://scary.beasts.org/security/CESA-2004-006.txt tiff<3.6.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 tiff<3.6.1nb4 denial-of-service http://securitytracker.com/id?1011674 ap-ssl<2.8.20 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 sox<12.17.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557 ssmtp<2.61 remote-user-access http://lists.debian.org/debian-security-announce-2004/msg00084.html kdegraphics-3.2.* denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt kdegraphics-3.3.{0,0nb1,1} denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt samba-2.2.[1-9] denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.10 denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.[1-9] remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 samba-2.2.{10,11} remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 ja-samba<2.2.12.0.9.1 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 postgresql-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql73-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql74-server-7.4.[1-5]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 cabextract<1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916 mpg123<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-esound<0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-nas<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 socat<1.4.0.3 privilege-escalation http://www.nosystem.com.ar/advisories/advisory-07.txt ruby-base<1.6.8nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983 gnats<4 privilege-escalation http://www.securityfocus.com/archive/1/326337 mozilla<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ mozilla-bin<1.7.3nb1 local-file-write http://secunia.com/advisories/12956/ mozilla-gtk2<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ MozillaFirebird{,-gtk2}{,-bin}<1.0 local-file-write http://secunia.com/advisories/12956/ firefox<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-bin<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2-bin<1.0 local-file-write http://secunia.com/advisories/12956/ thunderbird<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-gtk2<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-bin<0.8nb1 local-file-write http://secunia.com/advisories/12956/ sudo<1.6.8pl3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051 gnats<4.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961 samba<2.2.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba-3.0.[0-7]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba-3.0.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 ja-samba-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 squirrelmail<1.4.3anb1 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 ja-squirrelmail<1.4.3anb3 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 snownews<1.5 unsafe-umask http://kiza.kcore.de/software/snownews/changes#150 liferea<0.6.2 unsafe-umask http://sourceforge.net/project/shownotes.php?release_id=282434 libxml2<2.6.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 libxml<1.8.17nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 sun-{jre,jdk}13<1.0.12nb1 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 xpdf<3.00pl1 remote-code-execution http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml php-curl<4.3.2 local-file-read http://www.securityfocus.com/bid/11557 jabberd-2.0s[23]* remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd-2.0s4 remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd<1.4.2nb4 denial-of-service http://www.securityfocus.com/archive/1/375955 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 imlib<1.9.15nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 kdelibs<3.3.2nb1 plain-text-password-exposure http://www.kde.org/info/security/advisory-20041209-1.txt kdegraphics<3.3.2 denial-of-service http://www.kde.org/info/security/advisory-20041209-2.txt kdelibs<3.3.2nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt kdebase<3.3.2nb1 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt phpmyadmin-2.6.0-pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.[4-5]* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0-pl* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 namazu<2.0.14 cross-site-scripting http://www.namazu.org/security.html.en {ap-,}php<4.3.10 remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php<4.3.10 local-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* local-code-execution http://www.hardened-php.net/advisories/012004.txt cyrus-imapd-2.2.[4-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-5]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-7]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[7-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd<2.1.18 remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd<2.1.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 ethereal-0.9.* remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html ethereal-0.10.[0-7]{,nb*} remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html tcpdump<3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 tcpdump<3.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 netpbm<9.26 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924 pwlib<1.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 leafnode<1.9.48 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2004-01 lbreakout<2.4beta2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158 ap-python<2.7.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973 logcheck<1.1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404 zope<2.5.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688 flim<1.14.3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422 gnome-vfs<1.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494 cups<1.1.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 openoffice<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 openoffice-linux<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 apache-2.0.51* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server<3.23.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server<3.23.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 cyrus-sasl<2.1.19 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889 cups<1.1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923 apache-2.0.3[5-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.3[5-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2]nb[1-4] weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 openmotif<2.1.30nb3 denial-of-service http://www.ics.com/developers/index.php?cont=xpm_security_alert catdoc<0.91.5-2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 gd<2.0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941 gd<2.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990 ImageMagick<6.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 lesstif<0.94.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xorg-libs<6.8.1nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 XFree86-libs<4.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xpm<3.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 groff<1.19.1nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969 zip<2.3nb3 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010 openssl<0.9.6mnb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975 mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities cscope<15.4nb4 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996 acroread5<5.10 remote-code-execution http://www.adobe.com/support/techdocs/331153.html a2ps<4.13.0.2nb5 unsafe-shell-escape http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 a2ps<4.13.0.2nb7 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023 tiff<3.6.1nb6 buffer-overrun http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities xpdf<3.00pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities xzgv<0.8.0.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994 xine-lib-1rc[2-5]* remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-4 xine-lib<1rc6 remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-5 gpdf<2.8.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 koffice<1.3.5 integer-overflow http://kde.org/areas/koffice/releases/1.3.4-release.php pdfTexinteTexbin=4<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html exim-exiscan<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html vim<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk2<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-kde<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-motif<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-xaw<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 pcal<4.7nb1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289 tnftp<20050103 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/tnftp.txt napshare<1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286 yamt<0.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302 cups-1.1.2[12]* denial-of-service http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042 dillo<0.8.3nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012 tiff<3.6.1nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 hylafax<4.2.1 weak-acl-enforcement http://www.hylafax.org/4.2.1.html teTeX-bin<2.0.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 teTeX-bin<2.0.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 awstats<6.3 local-code-execution http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities ImageMagick<6.1.8.8 remote-code-execution http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities xpdf<3.00pl3 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities cups<1.1.23nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities kdegraphics<3.3.2nb3 remote-code-execution http://www.kde.org/info/security/advisory-20050119-1.txt mysql-client<3.23.58nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.[0-9]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.1[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.2[0-2]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.23 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.[0-8]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 ethereal<0.10.9 denial-of-service http://ethereal.com/appnotes/enpa-sa-00017.html ethereal<0.10.9 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00017.html koffice<1.3.5nb4 remote-code-execution http://www.kde.org/info/security/advisory-20050120-1.txt squid<2.5.7nb5 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_1.txt squid<2.5.7nb6 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094 squid<2.5.7nb7 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2005_2.txt squid<2.5.7nb8 denial-of-service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting unarj<2.65nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947 unarj<2.65nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027 suse{,32}_libtiff<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 suse{,32}_x11<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 webmin<1.160 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559 teTeX-bin<2.0.2nb5 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 sun-{jre,jdk}13<1.0.13 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 evolution12<1.2.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution14<1.4.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution<2.0.3nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 enscript<1.6.3nb1 remote-code-execution http://www.securityfocus.org/advisories/7879 bind-8.4.[4-5]{,nb*} denial-of-service http://www.kb.cert.org/vuls/id/327633 bind-9.3.0 denial-of-service http://www.kb.cert.org/vuls/id/938617 squid<2.5.7nb9 cache-poisoning http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting p5-DBI<1.46nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077 f2c<20001205nb8 local-file-write http://www.debian.org/security/2005/dsa-661 squid<2.5.7nb10 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_3.txt zope25-Silva<0.9.2.8 privilege-escalation http://mail.zope.org/pipermail/zope-announce/2005-February/001653.html postgresql-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql73-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql74-server-7.4.[1-6]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql80-server-8.0.0* privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 python22<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python22-pth<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-pth<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-nth<2.3.4nb2 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24-pth<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ py{15,20,21,22,23,24,25,26,27,31}-xmlrpc<=0.9.8 remote-code-execution http://www.python.org/security/PSF-2005-001/ opera<7.54pl2 remote-code-execution http://secunia.com/advisories/13818/ opera<=7.54pl2 www-address-spoof http://secunia.com/advisories/14154/ firefox{,-bin,-gtk2,-gtk2-bin}<=1.0 www-address-spoof http://secunia.com/advisories/14163/ mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5 www-address-spoof http://secunia.com/advisories/14163/ kdebase<=3.3.2nb1 www-address-spoof http://secunia.com/advisories/14162/ apache-2.0.5[0-2]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 fprot-workstation-bin<4.5.3 local-code-execution http://www.f-secure.com/security/fsc-2005-1.shtml mailman<2.1.4nb3 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202 awstats<=6.3nb3 denial-of-service http://www.securityfocus.com/archive/1/390368 awstats<=6.3nb3 remote-code-execution http://www.securityfocus.com/archive/1/390368 sympa<=4.1.2nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073 bidwatcher<1.3.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158 kdeedu<=3.3.2 privilege-escalation http://www.kde.org/info/security/advisory-20050215-1.txt emacs-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3nb[0-6] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3nb[0-1] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs<20.7nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs-nox11<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xview-lib<3.2.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076 clamav<0.82 denial-of-service http://www.securityfocus.com/bid/12408?ref=rss phpmyadmin<2.6.1pl1 cross-site-scripting http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408 phpmyadmin<2.6.1pl1 privacy-leak http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408 curl<7.12.2nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities curl-7.1{2.3,2.3nb1,3.0} remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=7 gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=8 gaim<1.0.2 buffer-overrun http://gaim.sourceforge.net/security/index.php?id=9 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=10 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=11 gaim<1.1.4 denial-of-service http://gaim.sourceforge.net/security/index.php?id=12 unzip<5.52 privilege-escalation http://www.securityfocus.com/archive/1/391677 kdebase<3.3.2 command-injection http://www.kde.org/info/security/advisory-20050101-1.txt kdebase<3.0.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078 squid<2.5.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 ja-squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 gcpio<2.5nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572 squid<2.5.8 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173 squid<2.5.8 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479 squid<2.5.7nb4 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194 squid<2.5.7nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718 php<3.0.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 php<3.0.19 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 mailman<2.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 ap-python<2.7.9 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 ja-squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 mailman<2.1.5 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143 htdig<3.1.6nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085 postgresql-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql73-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql74-lib<7.4.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql80-lib<8.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 # intagg not installed #postgresql73-lib-7.3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql74-lib-7.4.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql80-lib-8.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 postgresql-lib-7.3.[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql73-lib<7.3.9nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql74-lib<7.4.7nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql80-lib<8.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 gftp<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 gftp-gtk1<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 vim-share<6.3.046 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069 imap-uw<2004b remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198 unace<1.2.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160 unace<1.2.2nb1 no-path-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161 wu-ftpd<2.6.2nb3 denial-of-service http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities cups<1.1.23nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 ImageMagick<6.2.0.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 cyrus-sasl<2.1.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373 kdenetwork<=3.1.5 local-domain-spoofing http://www.kde.org/info/security/advisory-20050228-1.txt realplayer<10.6 remote-code-execution http://service.real.com/help/faq/security/050224_player RealPlayerGold<10.0.2 remote-code-execution http://service.real.com/help/faq/security/050224_player firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing http://www.mozilla.org/security/announce/mfsa2005-16.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak http://www.mozilla.org/security/announce/mfsa2005-19.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing http://www.mozilla.org/security/announce/mfsa2005-23.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html sylpheed<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-claws<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 ethereal<0.10.10 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00018.html xpm<3.4knb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 openmotif<2.1.30nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 lesstif<0.94.0nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 libexif<0.6.11nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server<4.0.24 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.10{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 kdelibs<3.3.2nb8 denial-of-service http://www.kde.org/info/security/advisory-20050316-1.txt kdelibs<3.3.2nb8 domain-name-spoofing http://www.kde.org/info/security/advisory-20050316-2.txt kdelibs<3.3.2nb8 local-file-write http://www.kde.org/info/security/advisory-20050316-3.txt sun-{jre,jdk}14<2.7 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 xli<1.17.0nb2 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638 xli<1.17.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639 xli<1.17.0nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wine>20000000<20050419 insecure-temp-file http://www.securityfocus.com/archive/1/393150/2005-03-14/2005-03-20/0 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 ipsec-tools<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-30.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-31.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-32.html sylpheed<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-claws<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 gnupg<1.4.1 information-leak http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html mit-krb5<1.4nb1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 horde-3.0.[0-3]* cross-site-scripting http://secunia.com/advisories/14730/ gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772 gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773 squid<2.5.9nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626 gtk2+<2.6.4nb1 denial-of-service http://secunia.com/advisories/14775/ gdk-pixbuf<0.22.0nb5 denial-of-service http://secunia.com/advisories/14776/ phpmyadmin<2.6.2rc1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=13 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=14 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=15 xorg-libs<6.8.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 XFree86-libs<=4.5.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 netscape7-[0-9]* privacy-leak http://secunia.com/advisories/14804/ netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/14996/ gsharutils<4.2.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957 sun-{jre,jdk}15-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}14-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 kdelibs-3.4.0{,nb1,nb2} buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 kdelibs<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 gnome-vfs2-cdda-2.10.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2<2.6.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2-cdda<2.8.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs<1.0.5nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 libcdaudio<0.99.12nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gld<1.5 remote-code-execution http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0005.html pine<4.62nb2 local-file-write http://secunia.com/advisories/14899/ openoffice<1.1.4nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-linux<1.1.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-bin<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 postgrey<1.21 denial-of-service http://secunia.com/advisories/14958/ php-exif<4.3.11 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 php-exif<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 cvs<1.11.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 realplayer<10.6 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html RealPlayerGold<10.0.4 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html heimdal<0.6.4 remote-code-execution http://www.pdc.kth.se/heimdal/advisory/2005-04-20/ mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 quanta-3.1.* remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev-3.4.0 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-gtk1}<1.0.2nb1 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-34.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-39.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html gzip-base<1.2.4anb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 gzip-base<1.2.4anb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 xine-lib<1.0nb2 remote-code-execution http://xinehq.de/index.php/security/XSA-2004-8 imp<3.2.8 cross-site-scripting http://secunia.com/advisories/15077/ lsh<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826 lsh<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814 ImageMagick<6.2.2 heap-overflow http://www.overflow.pl/adv/imheapoverflow.txt netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/15103/ ethereal<0.10.10nb1 denial-of-service http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-04/0447.html tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 sqwebmail-[0-9]* cross-site-scripting http://secunia.com/advisories/15119/ php-curl<4.3.11 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 horde<2.2.8 cross-site-scripting http://secunia.com/advisories/14730/ netscape7-[0-9]* remote-code-execution http://www.networksecurity.fi/advisories/netscape-dom.html netscape7-[0-9]* authentication-spoofing http://secunia.com/advisories/15267/ p5-Convert-UUlib<1.05 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349 gnutls<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431 kdewebdev<3.3.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt kdewebdev-3.4.0{,nb1} remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt nasm<0.98.39nb1 remote-code-execution https://bugzilla.redhat.com/beta/show_bug.cgi?id=152963 leafnode<1.11.2 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt ethereal<0.10.11 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00019.html ethereal<0.10.11 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00019.html gaim<1.3.0 buffer-overflow http://gaim.sourceforge.net/security/index.php?id=16 gaim<1.3.0 denial-of-service http://gaim.sourceforge.net/security/index.php?id=17 squid<2.5.9nb11 domain-name-spoofing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html tiff<3.7.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544 bugzilla<2.18.1 information-leak http://www.bugzilla.org/security/2.16.8/ libexif<0.6.12nb1 denial-of-service http://secunia.com/advisories/15259/ maradns<1.0.27 weak-rng-source http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch p5-Net-SSLeay<1.25 file-permissions http://secunia.com/advisories/15207/ evolution<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 postgresql-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql73-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql74-server<7.4.8 privilege-escalation http://www.postgresql.org/about/news.322 postgresql80-server<8.0.3 privilege-escalation http://www.postgresql.org/about/news.322 freeradius<=1.0.2nb1 remote-code-execution http://www.securityfocus.com/bid/13540/ freeradius<=1.0.2nb1 buffer-overflow http://www.securityfocus.com/bid/13541/ mysql-server>=4.1.0<4.1.12 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1636 ImageMagick<6.2.2.3 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-200505-16.xml netscape7-[0-9]* cross-site-scripting http://secunia.com/advisories/15437/ gxine<0.4.5 remote-code-execution http://secunia.com/advisories/15451/ net-snmp<5.1.2nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 net-snmp-5.2.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 gedit<2.10.3 remote-code-execution http://secunia.com/advisories/15454/ squid<2.5.9nb2 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345 qpopper<4.0.6 privilege-escalation http://secunia.com/advisories/15475/ bzip2<1.0.3 denial-of-service http://scary.beasts.org/security/CESA-2005-002.txt openslp<1.2.1 remote-code-execution http://www.securityfocus.com/advisories/8224 mhonarc<2.6.11 cross-site-scripting https://savannah.nongnu.org/bugs/index.php?func=detailitem&item_id=12930 clamav<0.84 osx-privilege-escalation http://www.sentinelchicken.com/advisories/clamav/ ettercap-0.7.2 remote-code-execution http://secunia.com/advisories/15535/ qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 binutils<2.16.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704 kdbg<1.2.9 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0644 mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 http-frame-spoof http://secunia.com/advisories/15601/ mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 dialog-spoofing http://secunia.com/advisories/15489/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 http-frame-spoof http://secunia.com/advisories/15601/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 dialog-spoofing http://secunia.com/advisories/15489/ leafnode<1.11.3 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt xmysqladmin-[0-9]* remote-shell http://www.zataz.net/adviso/xmysqladmin-05292005.txt dbus<0.23.1 local-session-hijacking http://secunia.com/advisories/14119/ gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=18 gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=19 libextractor<0.3.11nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 libextractor<0.4.2 remote-code-execution http://secunia.com/advisories/15651/ tcpdump<3.8.3nb2 denial-of-service http://secunia.com/advisories/15634/ mikmod<3.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427 postfix<2.1.5nb5 linux-unauthorised-mail-relaying http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337 squirrelmail<1.4.4nb1 remote-code-execution http://www.squirrelmail.org/security/issue/2005-06-15 opera<8.01 cross-site-scripting http://secunia.com/advisories/15423/ opera<8.01 remote-security-bypass http://secunia.com/secunia_research/2005-4/advisory/ opera<8.01 cross-site-scripting http://secunia.com/secunia_research/2005-5/advisory/ opera<8.01 dialog-spoofing http://secunia.com/advisories/15488/ sun-{jdk,jre}15<5.0.2 remote-user-access http://secunia.com/advisories/15671/ acroread7<7.0.1 remote-information-exposure http://www.adobe.com/support/techdocs/331710.html acroread7<7.0.1 buffer-overflow http://www.adobe.com/support/techdocs/321644.html p5-razor-agents<2.72 denial-of-service http://secunia.com/advisories/15739/ spamassassin<3.0.4 denial-of-service http://secunia.com/advisories/15704/ heimdal<0.6.5 buffer-overflow http://www.pdc.kth.se/heimdal/advisory/2005-06-20/ trac<0.8.4 remote-code-execution http://secunia.com/advisories/15752/ sudo<1.6.8pl9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993 gcpio<2.6nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 gcpio<2.6nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229 tor<0.0.9.10 information-leak http://archives.seul.org/or/announce/Jun-2005/msg00001.html ruby18-base<1.8.2nb2 remote-security-bypass http://secunia.com/advisories/15767/ ruby1{6,8}-xmlrpc4r<1.7.16nb2 remote-security-bypass http://secunia.com/advisories/15767/ asterisk<1.0.8 remote-code-execution http://www.bindshell.net/voip/advisory-05-013.txt p5-CGI<2.94 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* access-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 realplayer-[0-9]* remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ RealPlayerGold<10.0.5 remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ clamav<0.86.1 denial-of-service http://secunia.com/advisories/15811/ clamav<0.86 denial-of-service http://secunia.com/advisories/15835/ clamav<0.86 denial-of-service http://secunia.com/advisories/15859/ dillo<0.8.5 remote-code-execution http://www.dillo.org/ChangeLog.html p5-Net-Server<0.88 denial-of-service http://www.derkeiler.com/Mailing-Lists/Securiteam/2005-04/0147.html zlib<1.2.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 net-snmp<5.2.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177 bugzilla<2.18.2 information-leak http://www.bugzilla.org/security/2.18.1/ unalz<0.40 buffer-overflow http://www.kipple.pe.kr/win/unalz/ mit-krb5<1.4.2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt mit-krb5<1.4.2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt squirrelmail<1.4.5 remote-file-write http://www.squirrelmail.org/security/issue/2005-07-13 polsms<2.0.2 privilege-escalation http://secunia.com/advisories/16038/ elmo<1.3.2 local-file-write http://secunia.com/advisories/15977/ audit-packages<1.35 no-vulnerability-but-missing-file-format-check-support http://mail-index.netbsd.org/pkgsrc-changes/2005/06/07/0036.html centericq<=4.20.0 local-file-write http://secunia.com/advisories/15913/ phppgadmin<3.5.4 remote-information-exposure http://secunia.com/advisories/15941/ cups<1.1.21rc1 acl-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 cross-site-scripting http://secunia.com/advisories/15549/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 multiple-vulnerabilities http://secunia.com/advisories/16043/ ekg<1.6nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916 ekg<1.6nb2 insecure-temp-files http://www.debian.org/security/2005/dsa-760 ekg<1.6nb2 shell-command-injection http://www.debian.org/security/2005/dsa-760 kdebase-3.[2-3].[0-9]{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt kdebase-3.4.0{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt php<4.3.11nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php<4.3.11nb1 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html fetchmail<6.2.5nb5 remote-user-shell http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt kdenetwork-3.3.* remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt kdenetwork-3.4.{0,0nb*,1} remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt rsnapshot<1.1.7 privilege-escalation http://www.rsnapshot.org/security/2005/001.html zlib<1.2.3 denial-of-service http://secunia.com/advisories/16137/ clamav<0.86.2 denial-of-service http://secunia.com/advisories/16180/ clamav<0.86.2 buffer-overflow http://secunia.com/advisories/16180/ vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<6.3.082 local-code-execution http://secunia.com/advisories/16206/ vim<6.3.082 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368 ethereal<0.10.12 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00020.html ethereal<0.10.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00020.html p5-Compress-Zlib<1.35 denial-of-service http://secunia.com/advisories/16137/ unzip<5.52nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 rsync<2.6.6 null-pointer-dereference http://lists.samba.org/archive/rsync-announce/2005/000032.html msf<2.4nb2 remote-security-bypass http://secunia.com/advisories/16318/ proftpd<1.2.10nb4 format-string http://secunia.com/advisories/16181/ jabberd-2.0s[2-8]{,nb*} buffer-overflows http://secunia.com/advisories/16291/ gopher<3.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853 gaim<1.4.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370 kadu<0.4.1 denial-of-service http://secunia.com/advisories/16238/ opera<8.02 dialog-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405 opera<8.02 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 netpbm<10.28 local-code-execution http://secunia.com/advisories/16184/ acroread5<5.0.11 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 acroread5<5.0.11 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 apache-2.0.[0-4][0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.5[0-3]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.54{,nb[12]} cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 awstats<6.4nb1 remote-command-execution http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities inkscape<0.42 insecure-temp-files http://secunia.com/advisories/16343/ mysql-server<4.0.25 local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server<4.0.25 buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html xpdf<3.00pl3nb1 denial-of-service http://secunia.com/advisories/16374/ kdegraphics-3.3.[0-9]{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.0{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.1 denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt gaim<1.4.0nb2 denial-of-service http://secunia.com/advisories/16379/ gaim<1.4.0nb2 remote-command-execution http://secunia.com/advisories/16379/ cups<1.1.23nb3 denial-of-service http://secunia.com/advisories/16380/ wine>20000000<20050524nb1 insecure-temp-files http://secunia.com/advisories/16352/ wine-20050725 insecure-temp-files http://secunia.com/advisories/16352/ xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1725 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1726 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0665 kdeedu-3.[0-3].* privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt kdeedu-3.4.{0*,1,2} privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass http://www.mozilla.org/security/announce/mfsa2005-46.html netscape7-7.2{,nb*} cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16185/ netscape7-7.2{,nb*} arbitrary-code-execution http://secunia.com/advisories/16044/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16044/ netscape7-7.2{,nb*} local-security-bypass http://secunia.com/advisories/16044/ netscape8<8.0.3.3 local-security-bypass http://secunia.com/advisories/16044/ centericq<4.20.0nb2 denial-of-service http://secunia.com/advisories/16240/ centericq<4.20.0nb2 shell-command-injection http://secunia.com/advisories/16240/ evolution<2.2.2nb2 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html evolution-2.2.3 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html gpdf-2.10.0 denial-of-service http://secunia.com/advisories/16400/ mantis<0.19.2 cross-site-scripting http://secunia.com/advisories/16506/ mantis<0.19.2 sql-injection http://secunia.com/advisories/16506/ elm<2.5.8 remote-user-shell http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0692.html pcre<6.2 arbitrary-code-execution http://secunia.com/advisories/16502/ mplayer<1.0rc7nb2 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt gmplayer<1.0rc7nb1 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt tor<0.1.0.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643 cvs<1.11.20nb2 local-privilege-escalation http://secunia.com/advisories/16553/ apache-2.0.[1-4][0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.5[0-3]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.54{,nb[123]} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 pam-ldap-169{,nb*} authentication-bypass http://secunia.com/advisories/16518/ pam-ldap-17[0-9]{,nb*} authentication-bypass http://secunia.com/advisories/16518/ gnats<4.1.0nb1 local-file-write http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180 apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.5[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.54{,nb[123]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 phpmyadmin<2.6.4rc1 cross-site-scripting http://secunia.com/advisories/16605/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16539/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16600/ ntp<4.2.0nb7 listener-permissions http://secunia.com/advisories/16602/ phpldapadmin<0.9.6cnb4 authentication-bypass http://secunia.com/advisories/16611/ gopher<3.0.11 buffer-overflow http://secunia.com/advisories/16614/ phpldapadmin<0.9.6cnb4 remote-code-execution http://secunia.com/advisories/16617/ php-5.0.[0-3]{,nb*} remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.[0-3]{,nb*} remote-command-execution http://www.hardened-php.net/advisory_142005.66.html php-5.0.4 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.4 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html gnumeric<1.2.13nb3 arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.[0-2]{,nb*} arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.3 arbitrary-code-execution http://secunia.com/advisories/16584/ apache-2.0.[1-4][0-9]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.5[0-3]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.54{,nb[1234]} weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 ap-ssl<2.8.24 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 nikto<1.35nb1 cross-site-scripting http://secunia.com/advisories/16669/ kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.[01]{,nb*} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.2{,nb1} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794 squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796 gg2<2.2.8 denial-of-service http://secunia.com/advisories/16241/ gg2<2.2.8 remote-command-execution http://secunia.com/advisories/16241/ openttd<0.4.0.1nb1 denial-of-service http://secunia.com/advisories/16696/ openttd<0.4.0.1nb1 remote-command-execution http://secunia.com/advisories/16696/ freeradius<1.0.5 sql-injection http://www.freeradius.org/security.html freeradius<1.0.5 denial-of-service http://www.freeradius.org/security.html gcvs<1.0nb2 local-privilege-escalation http://secunia.com/advisories/16553/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ sqwebmail<5.0.4nb2 cross-site-scripting http://secunia.com/advisories/16704/ silc-server<1.0nb1 local-privilege-escalation http://secunia.com/advisories/16659/ chmlib<0.36 remote-command-execution http://morte.jedrea.com/~jedwin/projects/chmlib/ chmlib<0.36 buffer-overflow http://morte.jedrea.com/~jedwin/projects/chmlib/ snort<2.4.0nb1 denial-of-service http://marc.theaimsgroup.com/?l=vuln-dev&m=112655297606335&w=2 xchat<2.4.5 unspecified http://www.xchat.org/ imake>=3<4.4.0nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc xorg-imake<6.8.2nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc clamav<0.87 buffer-overflow http://secunia.com/advisories/16848/ clamav<0.87 denial-of-service http://secunia.com/advisories/16848/ gtexinfo<4.8nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 rdiff-backup<1.0.1 information-disclosure http://secunia.com/advisories/16774/ arc<5.21enb2 insecure-temp-files http://www.zataz.net/adviso/arc-09052005.txt zebedee<2.5.3 denial-of-service http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055 openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798 python24<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python24-pth<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python23<2.3.5nb3 buffer-overflow http://secunia.com/advisories/16793/ python23-pth<2.3.5nb1 buffer-overflow http://secunia.com/advisories/16793/ python23-nth<2.3.5nb2 buffer-overflow http://secunia.com/advisories/16793/ python22<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ python22-pth<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ xorg-libs<6.8.2nb2 buffer-overflow http://secunia.com/advisories/16790/ XFree86-libs<4.4.0nb4 buffer-overflow http://secunia.com/advisories/16777/ mit-krb5<1.8.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 pam-ldap<180 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 nss_ldap<240 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 opera<8.50 cross-site-scripting http://secunia.com/advisories/16645/ opera<8.50 file-spoofing http://secunia.com/advisories/16645/ bacula<1.36.3nb1 insecure-temp-files http://secunia.com/advisories/16866/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.frsirt.com/english/advisories/2005/1794 ruby16-base<1.6.8nb2 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html ruby18-base<1.8.2nb4 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html hylafax<4.2.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069 hylafax<4.2.1nb1 insecure-socket http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070 p7zip<4.27 remote-code-execution http://secunia.com/advisories/16664/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa200 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-58.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-58.html #poppassd-4.[0-9]* local-privilege-escalation http://secunia.com/advisories/16935/ abiword<2.2.10 buffer-overflow http://www.abisource.com/changelogs/2.2.10.phtml eric3<3.7.2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068 {ap-,}php<4.4.0nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 uim<0.4.9.1 privilege-escalation http://lists.freedesktop.org/archives/uim/2005-September/001346.html netscape7-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/16944/ thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities http://www.mozilla.org/security/announce/mfsa2005-58.html thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html squid<2.5.10nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917 mpeg_encode<1.5bnb3 privilege-escalation http://secunia.com/advisories/17008/ weex<2.6.1nb1 local-code-execution http://secunia.com/advisories/17028/ apachetop<0.12.5nb1 insecure-temp-files http://www.zataz.net/adviso/apachetop-09022005.txt blender<2.37anb2 local-code-execution http://secunia.com/advisories/17013/ blender-2.41 local-code-execution http://secunia.com/advisories/17013/ bugzilla<2.18.4 information-leak http://www.bugzilla.org/security/2.18.4/ imap-uw<2004enb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 openssl<0.9.7h information-leak http://www.openssl.org/news/secadv_20051011.txt koffice<1.4.2 local-code-execution http://www.kde.org/info/security/advisory-20051011-1.txt phpmyadmin<2.6.4pl2 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4 xine-lib<1.0.3 remote-users-shell http://xinehq.de/index.php/security/XSA-2005-1 unrar<3.5.4 remote-code-execution http://www.rarlabs.com/rarnew.htm curl<7.15.0 remote-code-execution http://curl.haxx.se/mail/lib-2005-10/0061.html wget-1.10 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html wget-1.10.1 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html abiword<2.4.1 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-006.txt clamav<0.87.1 denial-of-service http://secunia.com/advisories/17184/ clamav<0.87.1 denial-of-service http://secunia.com/advisories/17434/ clamav<0.87.1 remote-code-execution http://www.zerodayinitiative.com/advisories/ZDI-05-002.html lynx<2.8.5.3 remote-users-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 snort-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-mysql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-pgsql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ graphviz<2.6 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965 squid<2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258 ethereal<0.10.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00021.html sudo<1.6.8pl9nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2959 chmlib<0.37.3 remote-code-execution http://66.93.236.84/~jedwin/projects/chmlib/ mantis<1.0.0rc3 sql-injection http://secunia.com/advisories/16818/ phpmyadmin<2.6.4pl3 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5 netpbm<10.25 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 xli<1.17.0nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wget<1.10 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 wget<1.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488 wget-1.9{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 wget-1.9.1{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.77.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.77.html openvpn<2.0.3 denial-of-service http://secunia.com/advisories/17376/ openvpn<2.0.3 remote-code-execution http://secunia.com/advisories/17376/ ethereal<0.10.13nb1 denial-of-service http://secunia.com/advisories/17370/ chmlib<0.36 remote-code-execution http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true fetchmailconf<6.2.5nb3 insecure-file-permissions http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt skype<1.2.0.18 remote-code-execution http://secunia.com/advisories/17305/ python21<2.1.3nb8 remote-code-execution http://secunia.com/advisories/16914/ python21-pth<2.1.3nb7 remote-code-execution http://secunia.com/advisories/16914/ rsaref<2.0p3 buffer-overrun http://www.cert.org/advisories/CA-1999-15.html libgda<1.2.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958 libwww<5.4.0nb4 denial-of-service http://secunia.com/advisories/17119/ zope-2.6.[0-9]* remote-code-execution http://secunia.com/advisories/17173/ openvmps<=1.3 remote-code-execution http://www.security.nnov.ru/Jdocument889.html libungif<4.1.3nb3 denial-of-service http://secunia.com/advisories/17436/ libungif<4.1.3nb3 remote-code-execution http://secunia.com/advisories/17436/ {ns,moz-bin,firefox-bin}-flash<7.0.25 remote-code-execution http://secunia.com/advisories/17430/ sudo<1.6.8pl9nb2 privilege-escalation http://www.sudo.ws/sudo/alerts/perl_env.html emacs-21.2.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232 sylpheed<2.0.4 local-code-execution http://secunia.com/advisories/17492/ spamassassin<3.0.4nb2 denial-of-service http://secunia.com/advisories/17386/ sylpheed-2.1.[0-5]* local-code-execution http://secunia.com/advisories/17492/ phpmyadmin<2.6.4pl4 http-header-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6 opera<8.51 remote-user-shell http://secunia.com/advisories/16907/ opera<8.51 remote-user-shell http://secunia.com/advisories/17437/ ipsec-tools<0.6.3 denial-of-service http://secunia.com/advisories/17668/ horde-3.0.[0-6]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759 horde<2.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570 micq<0.4.10.4 denial-of-service http://www.micq.org/news.shtml.en gtk2+<2.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+-2.8.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+<2.6.10nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gdk-pixbuf<0.22.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 acid-[0-9]* cross-site-scripting http://secunia.com/advisories/17552/ acid-[0-9]* sql-injection http://secunia.com/advisories/17552/ thttpd<2.25bnb4 insecure-temp-files http://secunia.com/advisories/17454/ rar-linux<3.5.1 format-string http://secunia.com/advisories/17524/ rar-linux<3.5.1 buffer-overflow http://secunia.com/advisories/17524/ gaim-encryption<2.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693 mailman<2.1.6nb1 denial-of-service http://secunia.com/advisories/17511/ ghostscript-afpl<8.51nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp-nox11<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu-nox11<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-nox11<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ suse{,32}_gtk2<9.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 sun-{jre,jdk}13<1.0.16 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}14<2.9 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}15<5.0.4 local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 fastjar<0.93nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 inkscape-0.4[1-2]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737 webmin<1.170nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 webmin<1.170nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 unalz<0.53 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862 kadu<0.4.2 denial-of-service http://secunia.com/advisories/17764/ centericq<4.20.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 centericq-4.21.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 xpdf<3.01pl1nb2 buffer-overflow http://secunia.com/advisories/17897/ kdegraphics<3.4.2nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt kdegraphics-3.4.3 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice<1.4.1nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice-1.4.2{,nb1} buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt Ffmpeg<0.4.9pre1 buffer-overflow http://secunia.com/advisories/17892/ horde<3.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080 phpmyadmin<2.7.0 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8 phpmyadmin<2.7.0pl1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9 curl<7.15.1 unknown http://www.hardened-php.net/advisory_242005.109.html php<4.4.1 cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php-5.0.[0-5]{,nb1} cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php<4.4.1 global-variables http://www.hardened-php.net/advisory_192005.78.html php-5.0.[0-5]{,nb1} global-variables http://www.hardened-php.net/advisory_192005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]{,nb1} remote-code-execution http://www.hardened-php.net/advisory_202005.79.html ethereal<0.10.13nb2 remote-code-execution http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities mplayer<1.0rc7nb6 buffer-overflow http://secunia.com/advisories/17892/ gmplayer<1.0rc7nb4 buffer-overflow http://secunia.com/advisories/17892/ mencoder<1.0rc7nb2 buffer-overflow http://secunia.com/advisories/17892/ gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 dropbear<0.46nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-4178 mantis<1.0.0rc4 cross-site-scripting http://secunia.com/advisories/18181/ horde-3.0.[0-7]* cross-site-scripting http://secunia.com/advisories/17970/ turba<2.0.5 cross-site-scripting http://secunia.com/advisories/17968/ apache-2.0.[1-4][0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.5[0-4]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.55{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache<1.3.34nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 cups<1.1.23nb4 arbitrary-code-execution http://secunia.com/advisories/17976/ opera<8.02 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407 opera<8.51 denial-of-service http://secunia.com/advisories/17963/ libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 trac<0.9.2 sql-injection http://projects.edgewall.com/trac/wiki/ChangeLog perl<5.8.7nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 sun-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}14-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}15-* denial-of-service http://secunia.com/advisories/17478/ blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba blackdown-{jre,jdk}13-* privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 blackdown-{jre,jdk}13-* local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ fetchmail<6.2.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-4348 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 bugzilla<2.20 insecure-temp-files http://secunia.com/advisories/18218/ scponly<4.0 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml scponly<4.2 privilege-escalation http://www.sublimation.org/scponly/ scponly<4.2 arbitrary-command-execution http://www.sublimation.org/scponly/ ethereal<0.10.14 denial-of-service http://secunia.com/advisories/18229/ kdegraphics<3.5.0nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt koffice<1.4.2nb4 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt openmotif<2.2.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964 mantis<1.0.0rc4nb2 sql-injection http://secunia.com/advisories/18254/ mantis<1.0.0rc4nb2 information-disclosure http://secunia.com/advisories/18254/ adodb<4.70 sql-injection http://secunia.com/advisories/17418/ adodb<4.70 information-disclosure http://secunia.com/advisories/17418/ poppler<0.4.4 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-003.txt ytalk<3.2.0 denial-of-service http://www.impul.se/ytalk/ChangeLog trac<0.9.3 cross-site-scripting http://secunia.com/advisories/18048/ blender<2.37nb3 denial-of-service http://secunia.com/advisories/18176/ blender>=2.38<2.40 denial-of-service http://secunia.com/advisories/18176/ gcpio<2.6nb2 denial-of-service http://secunia.com/advisories/18251/ gcpio<2.6nb2 arbitrary-code-execution http://secunia.com/advisories/18251/ rxvt-unicode<6.3 local-privilege-escalation http://secunia.com/advisories/18301/ pine<4.64 buffer-overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=313 clamav<0.88 heap-overflow http://secunia.com/advisories/18379/ bitlbee<1.0 denial-of-service http://get.bitlbee.org/devel/CHANGES hylafax-4.2.3{,nb*} privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[0-3]{,nb*} local-privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[2-3]{,nb*} local-command-execution http://secunia.com/advisories/18314/ ap-auth-ldap<1.6.1 arbitrary-code-execution http://secunia.com/advisories/18382/ sudo<1.6.8pl12nb1 privilege-escalation http://secunia.com/advisories/18358/ wine>20000000<20060000 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 wine<0.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 tor<=0.1.1.12-alpha information-disclosure http://archives.seul.org/or/announce/Jan-2006/msg00001.html mantis<1.0.0rc5 cross-site-scripting http://secunia.com/advisories/18434/ tuxpaint<0.9.14nb6 insecure-temp-file http://secunia.com/advisories/18475/ kdelibs<3.5.0nb2 buffer-overflow http://www.kde.org/info/security/advisory-20060119-1.txt php-5.0.[0-9]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php5-mysqli>=5.1.0<5.1.2 arbitrary-code-execution http://secunia.com/advisories/18431/ php-5.0.[0-9]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ vmware<5.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459 xpdf<3.01pl2 denial-of-service http://secunia.com/advisories/18303/ xpdf<3.01pl2 arbitrary-code-execution http://secunia.com/advisories/18303/ cups<1.1.23nb8 denial-of-service http://secunia.com/advisories/18332/ cups<1.1.23nb8 arbitrary-code-execution http://secunia.com/advisories/18332/ antiword<0.37nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126 sun-{jdk,jre}15<5.0.4 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}14<2.9 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}13<1.0.16 arbitrary-code-execution http://secunia.com/advisories/17748/ mailman-2.1.[4-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153 teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/18329/ apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.5[0-4]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.55{,nb[1234]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 mod-auth-pgsql-[0-9]* format-string http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3656 xine-lib<1.0.3anb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 xine-lib<1.0.3anb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 mydns-{mysql,pgsql}<1.1.0 denial-of-service http://secunia.com/advisories/18532/ adodb<4.71 sql-injection http://secunia.com/advisories/18575/ ImageMagick<6.2.6.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601 ImageMagick<6.2.6.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082 libast<0.6.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224 png-1.2.[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 png-1.0.1[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 p5-Mail-Audit<1.21nb2 privilege-escalation http://secunia.com/advisories/18656/ kdegraphics<3.5.0nb2 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt kdegraphics-3.5.1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt heimdal<0.7.2 privilege-escalation http://www.pdc.kth.se/heimdal/advisory/2006-02-06/ firefox{,-bin,-gtk1}-1.5 remote-code-execution http://www.mozilla.org/security/announce/mfsa2006-04.html libtool-base<1.5.18nb7 insecure-temp-files http://lists.gnu.org/archive/html/libtool/2005-12/msg00076.html php>=5<5.1.0 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 php<4.4.2 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 gnutls<1.2.10 denial-of-service http://secunia.com/advisories/18794/ gnutls-1.3.[0-3]{,nb*} denial-of-service http://secunia.com/advisories/18794/ libtasn1<0.2.18 denial-of-service http://secunia.com/advisories/18794/ sun-{jdk,jre}15<5.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}14<2.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}13<1.0.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18762/ adzap<20060129 denial-of-service http://secunia.com/advisories/18771/ pam-mysql<0.6.2 arbitrary-code-execution http://secunia.com/advisories/18598/ exim<3.36nb6 arbitrary-code-execution http://secunia.com/advisories/16502/ exim>=4.0<4.53 arbitrary-code-execution http://secunia.com/advisories/16502/ noweb<2.9anb3 insecure-temp-files http://secunia.com/advisories/18809/ honeyd<1.0nb2 remote-information-exposure http://www.honeyd.org/adv.2006-01 honeyd>=1.1<1.5 remote-information-exposure http://www.honeyd.org/adv.2006-01 lighttpd<1.4.9 remote-information-exposure http://secunia.com/product/4661/ gnupg<1.4.2.1 verification-bypass http://secunia.com/advisories/18845/ dovecot>0.99.99<1.0beta3 denial-of-service http://secunia.com/advisories/18870/ tin<1.8.1 buffer-overflow ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES opera<8.52 www-address-spoof http://secunia.com/advisories/17571/ bugzilla<2.20.1 sql-injection http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 cross-site-scripting http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 information-exposure http://www.securityfocus.com/archive/1/425584/30/0/threaded postgresql73-server<7.3.14 denial-of-service http://secunia.com/advisories/18890/ postgresql74-server<7.4.12 denial-of-service http://secunia.com/advisories/18890/ postgresql80-server<8.0.7 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 privilege-escalation http://secunia.com/advisories/18890/ bomberclone<0.11.6nb3 remote-code-execution http://secunia.com/advisories/18914/ libextractor<0.5.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624 snort<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-mysql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-pgsql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 monotone<0.25.2 remote-code-execution http://venge.net/monotone/NEWS gnupg<1.4.2.2 incorrect-signature-verification http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html p5-Crypt-CBC<2.17 weak-encryption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898 namazu<2.0.16 directory-traversal http://www.namazu.org/security.html.en#dir-traversal base<1.2.2 sql-injection http://sourceforge.net/forum/forum.php?forum_id=529375 drupal<4.6.6 security-bypass http://drupal.org/files/sa-2006-001/advisory.txt drupal<4.6.6 cross-site-scripting http://drupal.org/files/sa-2006-002/advisory.txt drupal<4.6.6 session-fixation http://drupal.org/files/sa-2006-003/advisory.txt drupal<4.6.6 mail-header-injection http://drupal.org/files/sa-2006-004/advisory.txt horde<3.1 information-disclosure http://secunia.com/advisories/19246/ curl-7.15.[0-2]{,nb*} buffer-overflow http://curl.haxx.se/docs/adv_20060320.html xorg-server>=6.9.0<6.9.0nb7 privilege-escalation http://lists.freedesktop.org/archives/xorg/2006-March/013992.html xorg-server>=6.9.0<6.9.0nb7 denial-of-service http://lists.freedesktop.org/archives/xorg/2006-March/013992.html freeradius<1.1.1 denial-of-service http://secunia.com/advisories/19300/ sendmail>=8.13<8.13.5nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 sendmail<8.12.11nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 phpmyadmin<2.8.0.2 cross-site-scripting http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 horde>=3.0<3.1.1 remote-code-execution http://lists.horde.org/archives/announce/2006/000271.html {ns,moz-bin,firefox-bin}-flash<7.0.63 remote-code-execution http://www.us-cert.gov/cas/techalerts/TA06-075A.html RealPlayerGold<10.0.7 remote-code-execution http://service.real.com/realplayer/security/03162006_player/en/ p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279 p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280 samba<3.0.22 insecure-log-files http://www.samba.org/samba/security/CAN-2006-1059.html dia>=0.87<0.94nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 mantis<1.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577 mysql-server>=3.0<4.1.20 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 mysql-server>=5.0<5.0.20nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 php>=5.0<5.1.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 php<4.4.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php>=5.0<5.1.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php<4.4.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 freeciv-server<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047 lsh<1.4.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh<1.4.3nb4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 clamav<0.88.1 denial-of-service http://secunia.com/advisories/19534/ clamav<0.88.1 remote-code-execution http://secunia.com/advisories/19534/ phpmyadmin<2.8.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1 mailman<2.1.8rc1 cross-site-scripting http://secunia.com/advisories/19558/ mplayer<1.0rc7nb10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 gmplayer<1.0rc7nb6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 mencoder<1.0rc7nb4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 xscreensaver<4.16 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294 xscreensaver<4.16 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 php>=5.0<5.1.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php<4.4.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php>=5.0<5.1.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php<4.4.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html seamonkey{,-bin,-gtk1}<1.0.1 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html phpmyadmin<2.8.0.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 amaya<9.5 remote-code-execution http://secunia.com/advisories/19670/ cy2-digestmd5<2.1.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721 xzgv<0.8.0.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060 xine-ui<0.99.2nb5 remote-code-execution http://secunia.com/advisories/19671/ xine-ui-0.99.4{,nb1} remote-code-execution http://secunia.com/advisories/19671/ ethereal<0.99.0 remote-code-execution http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html trac<0.9.5 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ ja-trac<0.9.5.1 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ i2cbd<2.0_BETA3 denial-of-service http://www.draga.com/~jwise/i2cb/ adodb<4.72 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806 squirrelmail<1.4.6 cross-site-scripting http://secunia.com/advisories/18985/ squirrelmail<1.4.6 imap-injection http://secunia.com/advisories/18985/ unrealircd<3.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214 firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 firefox-bin>=1.5<1.5.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 clamav<0.88.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989 asterisk<1.2.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827 cgiirc<0.5.8 remote-code-execution http://secunia.com/advisories/19922/ miredo<0.8.2 security-bypass http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en xorg-server>=6.8.0<6.9.0nb10 remote-code-execution http://lists.freedesktop.org/archives/xorg/2006-May/015136.html nagios-base<2.3 remote-code-execution https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890 i2cbd<=2.0_BETA4 denial-of-service http://www.draga.com/~jwise/i2cb/ crossfire-server<1.9.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236 dovecot>0.99.99<1.0beta8 remote-file-listing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414 php<4.4.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991 php>=5.1<5.1.4 unknown http://secunia.com/advisories/19927/ phpldapadmin<0.9.8.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518 nagios-base<2.3.1 remote-code-execution http://secunia.com/advisories/20123/ quagga<0.98.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga>0.99<0.99.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 zebra-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga<0.98.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga>0.99<0.99.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 zebra-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga<0.98.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 quagga>0.99<0.99.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 zebra-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120 xine-lib<1.0.3anb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 awstats<6.6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945 awstats<6.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237 quake3arena<1.32c remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3arena<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875 abcmidi<2006-04-22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514 openldap<2.3.22 buffer-overflow http://secunia.com/advisories/20126/ libextractor<0.5.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458 freetype2<2.1.10nb3 remote-code-execution http://secunia.com/advisories/20100/ dia<0.95.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480 cscope<15.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541 binutils<2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362 firefox{,-bin,-gtk1}<1.5.0.5 information-exposure http://secunia.com/advisories/20244/ mozilla{,-bin,-gtk2}-[0-9]* information-exposure http://secunia.com/advisories/20256/ netscape7-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942 netscape7-[0-9]* information-exposure http://secunia.com/advisories/20255/ postgresql73-server<7.3.15 sql-injection http://secunia.com/advisories/20231/ postgresql74-server<7.4.13 sql-injection http://secunia.com/advisories/20231/ postgresql80-server<8.0.8 sql-injection http://secunia.com/advisories/20231/ postgresql81-server<8.1.4 sql-injection http://secunia.com/advisories/20231/ drupal<4.6.7 sql-injection http://drupal.org/files/sa-2006-005/advisory.txt drupal<4.6.7 arbitrary-code-execution http://drupal.org/files/sa-2006-006/advisory.txt mpg123<0.59.18nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-esound<0.59.18nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-nas<0.59.18nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 tor<0.1.1.20 multiple-vulnerabilities http://secunia.com/advisories/20277/ awstats<6.6nb1 security-bypass http://secunia.com/advisories/20164/ drupal-4.7.[0-1]* arbitrary-code-execution http://drupal.org/node/66763 drupal-4.7.[0-1]* cross-site-scripting http://drupal.org/node/66767 drupal<4.6.8 arbitrary-code-execution http://drupal.org/node/66763 drupal<4.6.8 cross-site-scripting http://drupal.org/node/66767 firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-36.html firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html {ja-,}squirrelmail<1.4.6nb3 remote-file-read http://www.squirrelmail.org/security/issue/2006-06-01 snort{,-mysql,-pgsql}<2.4.5 security-bypass http://secunia.com/advisories/20413/ mysql-server>=4.0<4.1.20 sql-injection http://secunia.com/advisories/20365/ mysql-server>=5.0<5.0.22 sql-injection http://secunia.com/advisories/20365/ base<1.2.5 remote-file-read http://secunia.com/advisories/20300/ asterisk<1.2.9.1 denial-of-service http://www.asterisk.org/node/95 spamassassin<3.1.3 arbitrary-code-execution http://secunia.com/advisories/20430/ tiff<3.8.2nb2 arbitrary-code-execution http://secunia.com/advisories/20488/ firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 netscape7-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 courier-mta<0.53.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659 gdm<2.8.0.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 gdm>=2.14<2.14.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 sge<6.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408 sge<6.0.8 security-bypass http://secunia.com/advisories/20518/ 0verkill<0.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971 php<4.4.2 arbitrary-code-execution http://pear.php.net/advisory-20051104.txt pear-5.0.[0-9]* arbitrary-code-execution http://pear.php.net/advisory-20051104.txt kadu<0.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768 irssi<0.8.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458 crossfire-server<1.9.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 crossfire-server<1.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 dropbear<0.48 arbitrary-code-execution http://secunia.com/advisories/18964/ p5-libapreq2<2.07 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999 jabberd>=2<2.0s11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329 unalz<0.55 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950 ap{2,22}-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095 zoo<2.10.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269 sylpheed<2.2.6 security-bypass http://secunia.com/advisories/20577/ kiax<0.8.51 remote-code-execution http://secunia.com/advisories/20567/ acroread7<7.0.8 unknown http://www.adobe.com/support/techdocs/327817.html sendmail<8.12.11nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 sendmail>=8.13<8.13.6nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 gd<2.0.33nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906 arts<1.5.1nb2 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt arts>=1.5.2<1.5.3nb1 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt kdebase<3.5.1nb4 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt kdebase>=3.5.2<3.5.3nb1 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt horde>=3.0<3.1.1nb2 cross-site-scripting http://secunia.com/advisories/20661/ mutt<1.4.2.1nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 mutt>=1.5<1.5.11nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 chmlib<0.38 remote-file-write http://secunia.com/advisories/20734/ netpbm<10.34 denial-of-service http://secunia.com/advisories/20729/ gnupg<1.4.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 gnupg-devel<1.9.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 opera<9.0 remote-code-execution http://secunia.com/advisories/20787/ opera<9.0 ssl-cert-spoofing http://secunia.com/secunia_research/2006-49/advisory/ php<4.4.2nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 php>=5.0<5.1.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 emech<3.0.2 denial-of-service http://secunia.com/advisories/20805/ hashcash<1.21 denial-of-service http://secunia.com/advisories/20800/ gftp<2.0.18nb5 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup gftp<2.0.18nb4 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup xine-lib<1.0.3anb10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 php4-curl<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 php5-curl<5.1.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 png<1.2.12 arbitrary-code-execution http://www.securityfocus.com/bid/18698 openoffice2{,-bin}<2.0.3 security-bypass http://www.openoffice.org/security/CVE-2006-2199.html openoffice2{,-bin}<2.0.3 arbitrary-code-execution http://www.openoffice.org/security/CVE-2006-2198.html openoffice2{,-bin}<2.0.3 buffer-overflow http://www.openoffice.org/security/CVE-2006-3117.html geeklog<1.4.0.3nb2 remote-code-execution http://secunia.com/advisories/20886/ webmin<1.290 remote-information-exposure http://secunia.com/advisories/20892/ phpmyadmin<2.8.1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804 phpmyadmin<2.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 samba<3.0.22nb2 denial-of-service http://www.samba.org/samba/security/CAN-2006-3403.html trac<0.9.6 cross-site-scripting http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 cross-site-scripting http://secunia.com/advisories/20958/ trac<0.9.6 remote-information-exposure http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 remote-information-exposure http://secunia.com/advisories/20958/ {ja-,}squirrelmail<1.4.7 remote-information-exposure http://www.securityfocus.com/bid/17005 geeklog<1.4.0.5 cross-site-scripting http://secunia.com/advisories/21094/ hyperestraier>=0.5.0<1.3.3 cross-site-request-forgeries http://secunia.com/advisories/21049/ ruby18-base<1.8.4nb4 security-bypass http://secunia.com/advisories/21009/ gimp>=2<2.2.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 gimp>=2.3.0<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 asterisk<1.2.10 denial-of-service http://secunia.com/advisories/21071/ horde>=3.0<3.1.2 cross-site-scripting http://secunia.com/advisories/20954/ zoo<2.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855 apache-tomcat>=5.5.0<5.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 pngcrush<1.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 ethereal-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627 x11vnc<0.8.2 remote-authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450 wv2<0.2.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 apache<1.3.35 cross-site-scripting http://secunia.com/advisories/21172/ apache>2.0<2.0.58 cross-site-scripting http://secunia.com/advisories/21172/ freeciv-server-2.0.[0-8]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913 libmikmod-3.2.2 arbitrary-code-execution http://secunia.com/advisories/21196/ p5-Net-Server<0.88 denial-of-service http://secunia.com/advisories/21149/ firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html apache<1.3.37 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 apache>2.0<2.0.59 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 postfix>=2.2.0<2.2.11 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/08/01/0000.html postfix>=2.3.0<2.3.1 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/07/25/0002.html gnupg<1.4.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746 suse{,32}_libtiff<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0001.html suse{,32}_freetype2<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server>5.0<5.0.25 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.25 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 mysql-server>5.0<5.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 mysql-server>5.0<5.0.40 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 mysql-server<4.1.22nb1 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 tiff<3.8.2nb3 multiple-vulnerabilities http://secunia.com/advisories/21304/ drupal<4.6.9 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt drupal<4.7.3 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt cfs<1.4.1nb6 denial-of-service http://secunia.com/advisories/21310/ hobbit<4.0b6nb10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003 sge-5.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941 php>4.0<4.4.3 remote-unknown http://secunia.com/advisories/21328/ clamav<0.88.4 remote-code-execution http://secunia.com/advisories/21374/ php>4.0<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 php>5.0<5.1.4nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 lesstif>=0.78<=0.85.3 privilege-escalation http://secunia.com/advisories/21428/ mit-krb5<1.4.2nb3 privilege-escalation http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt heimdal<0.7.2nb3 privilege-escalation http://secunia.com/advisories/21436/ bomberclone<0.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005 bomberclone<0.11.7 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006 {ja-,}squirrelmail<1.4.8 remote-information-exposure http://secunia.com/advisories/21354/ {ja-,}squirrelmail<1.4.8 remote-data-manipulation http://secunia.com/advisories/21354/ ImageMagick<6.2.9.0 arbitrary-code-execution http://secunia.com/advisories/21462/ horde<3.1.3 cross-site-scripting http://secunia.com/advisories/21500/ imp<4.1.3 cross-site-scripting http://secunia.com/advisories/21533/ miredo<0.9.7 denial-of-service http://www.simphalempin.com/dev/miredo/mtfl-sa-0603.shtml.en miredo<0.9.8 unknown http://mail-index.netbsd.org/pkgsrc-changes/2006/08/15/0026.html php<4.4.4 multiple-vulnerabilities http://secunia.com/advisories/21546/ php>5.0<5.1.5 multiple-vulnerabilities http://secunia.com/advisories/21546/ binutils<2.17 arbitrary-code-execution http://secunia.com/advisories/21508/ libwmf<0.2.8.4nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 honeyd<1.5b denial-of-service http://secunia.com/advisories/21591/ XFree86-libs<4.4.0nb8 arbitrary-code-execution http://secunia.com/advisories/21446/ xorg-libs<6.9.0nb7 arbitrary-code-execution http://secunia.com/advisories/21450/ xorg-server<6.9.0nb12 arbitrary-code-execution http://secunia.com/advisories/21450/ libtunepimp<0.4.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 mplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 gmplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 mencoder<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 freetype2<2.2.1nb2 arbitrary-code-execution http://secunia.com/advisories/21450/ wireshark<0.99.3 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ethereal>=0.7.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ImageMagick<6.2.9.1 arbitrary-code-execution http://secunia.com/advisories/21615/ asterisk<1.2.11 remote-code-execution http://secunia.com/advisories/21600/ cscope<15.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262 streamripper<1.61.26 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124 sendmail>8.13<8.13.8 denial-of-service http://secunia.com/advisories/21637/ musicbrainz<2.1.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197 cube-[0-9]* denial-of-service http://aluigi.altervista.org/adv/evilcube-adv.txt cube-[0-9]* remote-code-execution http://aluigi.altervista.org/adv/evilcube-adv.txt zope25-CMFPlone>2.0<2.5 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711 tor<0.1.1.23 denial-of-service http://secunia.com/advisories/21708/ tor<0.1.1.23 bypass-security-restrictions http://secunia.com/advisories/21708/ gtetrinet<0.7.7nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125 openoffice2{,-bin}<2.0.2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 webmin<1.296 cross-site-scripting http://secunia.com/advisories/21690/ webmin<1.296 remote-information-disclosure http://secunia.com/advisories/21690/ gdb>6<6.2.1nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 gtar-base<1.15.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 gtar-base<1.15.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 openldap-server<2.3.25 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 openldap<2.3.25 bypass-security-restrictions http://secunia.com/advisories/21721/ mailman<2.1.9rc1 denial-of-service http://secunia.com/advisories/21732/ mailman<2.1.9rc1 cross-site-scripting http://secunia.com/advisories/21732/ sendmail<8.12.11nb4 denial-of-service http://secunia.com/advisories/21637/ bind>9.3<9.3.2nb2 denial-of-service http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en openssl<0.9.7inb2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 xorg-clients<6.9.0nb9 privilege-escalation http://secunia.com/advisories/21650/ xorg-libs<6.9.0nb10 privilege-escalation http://secunia.com/advisories/21650/ xorg-server<6.9.0nb13 privilege-escalation http://secunia.com/advisories/21650/ firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html thunderbird{,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html firefox-bin<1.5.0.7 auto-update-spoof http://www.mozilla.org/security/announce/2006/mfsa2006-58.html firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html thunderbird{,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-62.html thunderbird{,-gtk1}<1.5.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html {firefox-bin,moz-bin,ns}-flash<7.0.68 remote-code-execution http://www.adobe.com/support/security/bulletins/apsb06-11.html XFree86-libs<4.4.0nb9 arbitrary-code-execution http://secunia.com/advisories/21890/ gnutls<1.4.4 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 cabextract<1.2 buffer-overflow http://www.kyz.uklinux.net/cabextract.php openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/ openssl<0.9.7inb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2006-4343 opera<9.02 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 opera<9.02 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819 wireshark<0.99.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-01.html wireshark<0.99.2 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2006-01.html phpmyadmin<2.9.0.1 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5 ffmpeg-0.4.* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mono<1.1.13.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072 php-4.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php-5.[01]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php<4.3.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php>5.0<5.1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php<4.4.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 php>5.0<5.1.6nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052 openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 bugzilla<2.22.1 cross-site-scripting http://www.bugzilla.org/security/2.18.5/ bugzilla<2.22.1 information-leakage http://www.bugzilla.org/security/2.18.5/ asterisk<1.2.13 remote-code-execution http://www.asterisk.org/node/109 drupal<4.7.4 cross-site-scripting http://drupal.org/files/sa-2006-024/advisory.txt drupal<4.7.4 cross-site-request-forgeries http://drupal.org/files/sa-2006-025/advisory.txt drupal<4.7.4 html-attribute-injection http://drupal.org/files/sa-2006-026/advisory.txt postgresql73-server<7.3.16 denial-of-service http://www.postgresql.org/about/news.664 postgresql74-server<7.4.14 denial-of-service http://www.postgresql.org/about/news.664 postgresql80-server<8.0.9 denial-of-service http://www.postgresql.org/about/news.664 postgresql81-server<8.1.5 denial-of-service http://www.postgresql.org/about/news.664 qt3-libs<3.3.6nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 qt4-libs<4.1.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 sge<6.0.11 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1 milter-greylist-3.0rc[45] denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/10/27/0006.html ingo<1.1.2 procmail-local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449 screen<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 wireshark<0.99.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-03.html mutt<1.4.2.2nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt<1.4.2.2nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 mutt>=1.5.0<1.5.13nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt>=1.5.0<1.5.13nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 ruby18-base<1.8.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 php>=5.0<5.1.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 php>=4.0<4.4.4nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 phpmyadmin<2.9.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6 milter-greylist<3.0rc7 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/11/07/0024.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html thunderbird{,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html libarchive<1.3.1 denial-of-service http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/ trac<0.10.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.3 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac>=0.10.1.1<0.10.2.1 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 png<1.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 suse{,32}_libpng<10.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 proftpd<1.3.0nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 gv<3.6.2nb1 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 gtexinfo<4.8nb6 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 dovecot>0.99.99<1.0rc7nb1 buffer-overflow http://www.dovecot.org/list/dovecot-news/2006-November/000023.html dovecot>=1.0rc8<1.0rc15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973 phpmyadmin<2.9.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7 phpmyadmin<2.9.1.1 information-leakage http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8 phpmyadmin<2.9.1.1 weak-acl-enforcement http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9 fvwm>=2.4<2.4.19nb4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 fvwm>=2.5<2.5.18nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 openldap-client<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 openldap-server<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 gnupg<1.4.5nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg2<2.0.0nb3 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel<1.9.22nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel>=1.9.23 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 gtar-base<1.15.1nb4 overwrite-arbitrary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 libgsf<1.14.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514 tnftpd<20040810nb1 remote-code-execution http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html kdegraphics<=3.5.4 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt kdegraphics>=3.1.0<=3.5.5 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt links{,-gui}<2.1.0.26 remote-command-execution http://secunia.com/advisories/22905/ elinks<0.11.2 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925 kile<1.9.3 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085 evince<0.6.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 {ja-,}squirrelmail<1.4.9a cross-site-scripting http://secunia.com/advisories/23195/ xine-lib<=1.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 gmplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mencoder<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 koffice-1.4.[0-9]* code-execution http://www.kde.org/info/security/advisory-20061205-1.txt koffice-1.6.0 code-execution http://www.kde.org/info/security/advisory-20061205-1.txt fprot-workstation-bin<4.6.7 denial-of-service http://www.securityfocus.com/bid/21420 ruby18-base<1.8.5.20061205 denial-of-service http://www.securityfocus.com/bid/21441 gnupg<1.4.6 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg2<2.0.0nb4 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg-devel-[0-9]* buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html ImageMagick<6.3.0.3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 GraphicsMagick<1.1.7 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 proftpd<1.3.0a remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 wv<1.2.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 net-snmp>=5.3<5.3.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305 kronolith<2.1.4 local-file-inclusion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175 clamav<0.88.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481 mantis<1.0.8 remote-information-disclosure http://secunia.com/advisories/23258/ sylpheed<2.2.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 sylpheed-claws<2.2.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 tor<0.1.1.26 privacy-leak http://archives.seul.org/or/announce/Dec-2006/msg00000.html dbus<0.92nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 dbus>=1.0<1.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 gdm<2.16.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105 {firefox-bin,moz-bin,ns}-flash<7.0.69 inject-http-headers http://www.adobe.com/support/security/bulletins/apsb06-18.html clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182 clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295 libksba<0.9.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111 libmodplug<0.8.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192 firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak http://www.mozilla.org/security/announce/2006/mfsa2006-75.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-76.html thunderbird{,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html thunderbird{,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html pam-ldap<183 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170 mono<1.2.2 source-code-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}15<5.0.7 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 w3m<0.5.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772 miredo<1.0.6 authentication-spoofing http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en fetchmail<6.3.6 password-disclosure http://www.fetchmail.info/fetchmail-SA-2006-02.txt fetchmail-6.3.5* denial-of-service http://www.fetchmail.info/fetchmail-SA-2006-03.txt drupal<4.7.5 cross-site-scripting http://drupal.org/files/sa-2007-001/advisory.txt drupal<4.7.5 denial-of-service http://drupal.org/files/sa-2007-002/advisory.txt bzip2<1.0.4 permissions-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953 gtexinfo-4.8nb6 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/01/08/0037.html opera<8.10 remote-code-execution http://secunia.com/advisories/23613/ acroread7<7.0.9 cross-site-scripting http://www.adobe.com/support/security/advisories/apsa07-01.html vlc<0.8.6a arbitrary-code-execution http://www.videolan.org/sa0701.html modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 mplayer<1.0rc9nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 gmplayer<1.0rc9nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 mencoder<1.0rc9nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 kdenetwork<3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070109-1.txt kdegraphics>=3.2.0<=3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt koffice>=1.2<=1.6.1nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt mit-krb5<1.4.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519321296&w=2 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764&w=2 py{15,20,21,22,23,24,25,26,27,31}-django<0.95.1 privilege-escalation http://secunia.com/advisories/23826/ squid<2.6.7 denial-of-service http://secunia.com/advisories/23767/ rubygems<0.9.0nb2 overwrite-arbitrary-files http://www.frsirt.com/english/advisories/2007/0295 ap{,13,2,22}-auth-kerb<5.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989 drupal<4.7.6 remote-code-execution http://drupal.org/node/113935 bugzilla<2.22.2 cross-site-scripting http://www.bugzilla.org/security/2.20.3/ wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 samba<3.0.24 denial-of-service http://samba.org/samba/security/CVE-2007-0452.html samba<3.0.24 solaris-buffer-overflow http://samba.org/samba/security/CVE-2007-0453.html samba<3.0.24 vfs-format-string http://samba.org/samba/security/CVE-2007-0454.html kdelibs<3.5.6nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt poppler<0.5.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 php>5<5.2.1 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 php>5<5.2.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 php>5<5.2.1 unspecified-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 snort{,-mysql,-pgsql}<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 clamav<0.90 denial-of-service http://secunia.com/advisories/24187/ spamassassin<3.1.8 denial-of-service http://secunia.com/advisories/24197/ mimedefang>=2.59<=2.60 denial-of-service http://secunia.com/advisories/24133/ mimedefang>=2.59<=2.60 remote-code-execution http://secunia.com/advisories/24133/ libsoup-devel<2.2.99 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876 gd<2.0.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 rar-bin<3.7beta1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 unrar<3.7.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 xine-ui<0.99.4nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254 amarok<1.4.5nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979 snort>=2.6.1<2.6.1.3 remote-code-execution http://www.snort.org/docs/advisory-2007-02-19.html firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html nss<3.11.5 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html thunderbird{,-gtk1}<1.5.0.10 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html php<4.4.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 silc-server<1.0.3 denial-of-service http://silcnet.org/general/news/?item=security_20070306_1 trac<0.10.3.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 ja-trac<0.10.3.1.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 p5-CGI-Session<4.12 sql-injection http://osdir.com/ml/lang.perl.modules.cgi-session.user/2006-04/msg00004.html horde<3.1.4 cross-site-scripting http://lists.horde.org/archives/announce/2007/000315.html horde<3.1.4 arbitrary-file-removal http://lists.horde.org/archives/announce/2007/000315.html libwpd<0.8.9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 phpmyadmin<2.10.0.2 denial-of-service http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 squid<2.6.12 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_1.txt zope29<2.9.4nb4 privilege-escalation http://www.zope.org/Products/Zope/Hotfix-2007-03-20/ openafs<1.4.4 privilege-escalation http://www.openafs.org/security/OPENAFS-SA-2007-001.txt asterisk<1.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 asterisk<1.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 file<4.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 dovecot<1.0rc15nb1 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html dovecot>=1.0rc16<1.0rc29 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html xorg-server<1.2.0nb2 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libXfont<1.2.7nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libX11<1.1.1nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html qt3-libs<3.3.8nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 qt4-libs<4.2.3nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 kdelibs<3.5.6nb3 information-disclosure http://www.kde.org/info/security/advisory-20070326-1.txt openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 freetype2<2.3.2nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 xmms<1.2.10nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653 ipsec-tools<0.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 fetchmail<6.3.8 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869 opera<9.20 cross-site-scripting http://www.opera.com/support/search/view/855/ opera<9.20 unknown-impact http://www.opera.com/support/search/view/858/ bind>=9.4.0<9.4.1 denial-of-service http://www.isc.org/index.pl?/sw/bind/bind-security.php postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql80-server<8.0.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql81-server<8.1.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql82-server<8.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 php4-gd<4.4.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 php5-gd<5.2.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 zziplib<0.10.82nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614 squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 ja-squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 ja-squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 zoo<2.10.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669 php4-mssql<4.4.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 php5-mssql<5.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 samba>=3.0.23d<3.0.24nb2 privilege-elevation http://www.samba.org/samba/security/CVE-2007-2444.html samba>=3.0.0<3.0.24nb2 remote-code-execution http://www.samba.org/samba/security/CVE-2007-2446.html samba>=3.0.0<3.0.24nb2 remote-command-execution http://www.samba.org/samba/security/CVE-2007-2447.html php{4,5}-pear<1.5.4 arbitrary-code-execution http://pear.php.net/advisory-20070507.txt clamav<0.90.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 clamav<0.90.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029 png<1.2.17 denial-of-service http://secunia.com/advisories/25292/ quagga<0.98.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 quagga>0.99<0.99.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 freetype2<2.3.2nb2 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 freetype2>=2.3.3<2.3.4nb1 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 ap{2,22}-modsecurity{,2}>2<2.1.1 bypass-request-rules http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359 gimp>2.2<2.2.13nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-base<1.2.5nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-2.2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 eggdrop<=1.6.17nb1 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 mutt<1.4.2.3 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 mutt<1.4.2.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 ap{,2,22}-jk<1.2.23 directory-traversal http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1 ap{,2,22}-jk>=1.2.19<=1.2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 apache-tomcat<=5.5.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 apache-tomcat<5.5.22 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 jakarta-tomcat4<=4.1.24 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 jakarta-tomcat5<=5.0.19 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}<1.0.9 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html clamav<0.90.3 buffer-overflows http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html apache>=2.2.4<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 php>5.0<5.2.3nb1 integer-overflow http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 denial-of-service http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 filtering-bypass http://www.php.net/ChangeLog-5.php#5.2.3 mplayer<1.0rc9nb7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 gmplayer<1.0rc9nb2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 spamassassin<3.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 spamassassin-3.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 file<4.21 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 mecab-base<0.96 buffer-overflows http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3231 gnupg<1.4.7 signature-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263 openoffice2{,-bin}<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-0245.html openoffice2-bin<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-2754.html ktorrent<2.1.2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1385 vlc>0.8<0.8.5nb6 format-string http://www.videolan.org/sa0702.html vlc<0.7.2nb17 format-string http://www.videolan.org/sa0702.html bitchx<1.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 xvidcore<1.1.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329 evolution-data-server<1.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257 proftpd<1.3.1rc2nb1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165 apache<1.3.37nb2 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache<1.3.37nb2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.0<2.0.59nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.0<2.0.59nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1863 apache>=2.2.0<2.2.4nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1863 flac123<0.0.10 arbitrary-code-execution http://www.isecpartners.com/advisories/2007-002-flactools.txt phpmyadmin<2.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2 phpmyadmin<2.9.2 http-response-splitting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1 phpmyadmin<2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4 p5-Net-DNS<0.60 domain-name-spoofing http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377 p5-Net-DNS<0.60 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409 gimp>2.2<2.2.15nb2 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp-base<1.2.5nb6 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp>2.3<2.3.18nb1 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ libarchive<1.3.1nb1 infinite-loop http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 null-dereference http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 arbitrary-code-execution http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc clamav<0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725 centericq<4.21.0nb5 arbitrary-code-execution http://www.leidecker.info/advisories/07-06-07_centericq_bof.txt ipcalc<0.41 cross-site-scripting http://jodies.de/ipcalc-archive/ipcalc-0.40/ipcalc-security.html lighttpd<1.4.14 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt lighttpd<1.4.15 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_03.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_04.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_05.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_06.txt lighttpd<1.4.16 privacy-leak http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_08.txt firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}<1.5.0.13 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html drupal>=5<5.2 cross-site-request-forgeries http://drupal.org/node/162360 drupal>=5<5.2 cross-site-scripting http://drupal.org/node/162361 bind>9.4.0<9.4.1pl1 weak-default-acls http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}<1.5.0.13 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html firefox{,-bin,-gtk1}<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html seamonkey{,-bin,-gtk1}<1.1.4 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html acroread-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread5-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gaim-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wmmail-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mozilla-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>5.0<5.2.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 php<4.4.7nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 qt3-libs<3.3.8nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 tcpdump<3.9.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 ethereal-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kdegraphics<3.5.7nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt koffice<1.6.3nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt py{15,20,21,22,23,24,25,26,27,31}-denyhosts<2.6nb1 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323 squidGuard<1.2.1 acl-bypass http://www.squidguard.org/Doc/sg-2007-04-15.html rsync<2.6.9nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 opera<9.23 arbitrary-code-execution http://www.opera.com/support/search/view/865/ links{,-gui}-2.1.0.29* remote-command-execution http://links.twibright.com/download/ChangeLog kdelibs<3.5.7nb1 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt kdebase<3.5.7nb2 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt xfce4-terminal<0.2.6nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 apache>=2.0<2.0.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 apache>=2.2.0<2.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 lighttpd<1.4.18 remote-code-execution http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt bind>8<8.4.7pl1 cryptographically-weak-query-ids http://www.kb.cert.org/vuls/id/927905 bind>8<8.9.9 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt3-libs<3.3.8nb5 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 qt4-libs<4.3.2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 bugzilla>3<3.0.2 unauthorised-account-creation http://www.bugzilla.org/security/3.0.1/ kdebase>=3.3.0<3.5.7nb4 local-root-shell http://www.kde.org/info/security/advisory-20070919-1.txt ImageMagick<6.3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 fetchmail<6.3.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565 libXfont-1.3.1 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/09/24/0008.html ruby18-base<1.8.6.110nb1 access-validation-bypass http://www.isecpartners.com/advisories/2007-006-rubyssl.txt libpurple<2.2.1 denial-of-service http://www.pidgin.im/news/security/?id=23 openoffice2<2.2.1nb3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2<2.2.1nb3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openttd<0.5.3 remote-code-execution http://www.tt-forums.net/viewtopic.php?f=29&t=34077 xentools{3,30}-hvm<=3.1.0 remote-code-execution http://secunia.com/advisories/26986/ dircproxy<1.2.0beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 spamassassin<3.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 gnucash<2.0.5 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007 chmlib<0.39 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619 GConf2<2.16.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698 drupal<5.3 arbitrary-code-execution http://drupal.org/node/184315 drupal<5.3 cross-site-scripting http://drupal.org/node/184320 drupal<5.3 cross-site-request-forgery http://drupal.org/node/184348 drupal<5.3 access-bypass http://drupal.org/node/184354 drupal<5.3 http-response-splitting http://drupal.org/node/184315 firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html openssl<0.9.7inb5 arbitrary-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 p5-XML-RSS<1.31 markup-injection-vulnerability http://search.cpan.org/src/ABH/XML-RSS-1.31/Changes mantis<1.0.8 cross-site-scripting http://www.mantisbt.org/changelog.php mantis<1.0.8 security-bypass http://www.mantisbt.org/changelog.php cups<1.2.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 libpurple<2.2.2 denial-of-service http://www.pidgin.im/news/security/?id=24 perl<5.8.8nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 mono<1.1.13.8.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197 phpmyadmin<2.11.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7 koffice<1.6.3nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics<3.5.7nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics-3.5.8 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 openldap-server<2.3.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 flac<1.2.1 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 ircservices<5.0.63 denial-of-service http://lists.ircservices.za.net/pipermail/ircservices/2007/005558.html poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 wireshark<0.99.7pre2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2007-03.html php>=5<5.2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 net-snmp<5.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846 base<1.3.9 cross-site-scripting http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=555614 firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html wesnoth<1.2.8 arbitrary-code-execution http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 micq-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ikiwiki<2.13 remote-file-view http://ikiwiki.info/security/#index29h2 cairo<1.4.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html squid<2.6.17 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_2.txt drupal<5.4 sql-injection http://drupal.org/node/198162 ruby18-actionpack<1.13.6 www-session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 samba<3.0.26anb3 remote-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 openoffice2<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html openoffice2-bin<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html mysql-server>5.0<5.0.51 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 ruby18-gnome2-gtk<0.16.0nb2 format-string http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183 exiftags<1.01 arbitrary-code-execution http://secunia.com/advisories/28110/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1 denial-of-service http://www.djangoproject.com/weblog/2007/oct/26/security-fix/ cups<1.3.5 remote-code-execution http://www.cups.org/str.php?L2589 cups<1.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} clamav<0.92 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759 dovecot>=1.0.rc11<1.0.9nb1 unauthorized-access http://www.dovecot.org/list/dovecot-news/2007-December/000057.html opera<9.25 cross-site-scripting http://www.opera.com/support/search/view/875/ php<4.4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378 php<4.4.8 denial-of-service http://www.php-security.org/MOPB/MOPB-03-2007.html libsndfile<1.0.17nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 horde<3.1.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 turba<2.1.6 privilege-escalation http://lists.horde.org/archives/announce/2008/000361.html kronolith<2.1.7 privilege-escalation http://lists.horde.org/archives/announce/2008/000362.html drupal<5.6 cross-site-request-forgery http://drupal.org/node/208562 drupal<5.6 cross-site-scripting http://drupal.org/node/208564 drupal<5.6 cross-site-scripting http://drupal.org/node/208565 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 apache>=2.2.0<2.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 libXfont<1.3.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 modular-xorg-server<1.3.0nb5 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 modular-xorg-server<1.3.0nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 mplayer<1.0rc10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} mencoder<1.0rc10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} gmplayer<1.0rc10nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} xine-lib<1.1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html SDL_image<1.2.6nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544 SDL_image<1.2.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 RealPlayerGold<10.0.9 buffer-overflow http://service.real.com/realplayer/security/10252007_player/en/ thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow http://www.mozilla.org/security/announce/2008/mfsa2008-12.html pcre<7.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 blender<2.43 local-command-inject http://secunia.com/advisories/24232/ evolution<2.8.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266 sylpheed<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 sylpheed-claws<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 mutt<1.5.14 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268 GNUMail<1.1.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269 courier-imap<4.0.7 remote-root-shell http://www.gentoo.org/security/en/glsa/glsa-200704-18.xml wireshark<0.99.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-01.html vlc<0.8.6dnb2 remote-user-shell http://secunia.com/advisories/29122/ xine-lib<1.1.10.1 remote-user-shell http://secunia.com/advisories/28801/ mono<1.2.5.1 buffer-overflow http://secunia.com/advisories/27493/ mono<1.2.6 cross-site-scripting http://secunia.com/advisories/27349/ mono<1.2.6 buffer-overflow http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5197 phpmyadmin<2.11.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-8 phpmyadmin<2.11.5 sql-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 viewvc<1.0.5 security-bypass http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-01.html thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-03.html thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal http://www.mozilla.org/security/announce/2008/mfsa2008-05.html ghostscript>7<8.62 buffer-overflow http://scary.beasts.org/security/CESA-2008-001.html audacity<1.2.6nb1 symlink-attack http://www.gentoo.org/security/en/glsa/glsa-200803-03.xml dbus<1.0.2nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 acroread{,5,7}-[0-9]* remote-user-shell http://www.securityfocus.com/bid/22753 acroread{,5,7}-[0-9]* remote-stack-smash http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663 acroread{,5,7}-[0-9]* remote-user-shell http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 acroread{,5,7}-[0-9]* multiple-unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655 acroread{,5,7}-[0-9]* remote-printing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726 opera<9.26 remote-information-disclosure http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1080 opera<9.26 remote-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1081 opera<9.26 security-bypass http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1082 turba<2.1.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807 kdepim<3.5.7 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265 lighttpd<1.4.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 cups<1.3.6 denial-of-service http://www.cups.org/str.php?L2656 acroread{,5,7}-[0-9]* temporary-files-race http://support.novell.com/techcenter/psdb/d8c48c63359fc807624182696d3d149c.html py{15,20,21,22,23,24,25,26,27,31}-paramiko<1.7 remote-information-exposure http://www.lag.net/pipermail/paramiko/2008-January/000599.html icu<3.6nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 icu<3.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 e2fsprogs<1.40.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 splitvt<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162 sun-j{re,dk}14<2.17 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}15<5.0.15 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}6<6.0.5 unknown http://secunia.com/advisories/29239/ evolution<2.12.3nb2 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072 silc-toolkit<1.1.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt mit-krb5>=1.6<1.6.3 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt horde<3.1.7 arbitrary-file-inclusion http://lists.horde.org/archives/announce/2008/000382.html synce-dccm<0.10.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703 synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136 dovecot<1.0.13 authentication-bypass http://www.dovecot.org/list/dovecot-news/2008-March/000064.html ruby18-base<1.8.6.114 access-validation-bypass http://preview.ruby-ang.org/en/news/2008/03/03/webrick-file-access-vulnerability/ mailman<2.1.10 script-insertion http://secunia.com/advisories/28794/ openldap<2.3.39 denial-of-service http://secunia.com/advisories/27424/ openldap<2.3.41 denial-of-service http://secunia.com/advisories/28926/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.1 multiple-vulnerabilities http://secunia.com/advisories/29010/ webmin<1.330 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276 webmin<1.350 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156 webmin<1.370 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066 webmin<1.370nb3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720 apache-tomcat<5.5.21 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 apache-tomcat<5.5.25 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385} apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 apache-tomcat>=5.5.9<5.5.26 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238 xine-lib<1.1.10.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 p5-Net-DNS<0.63 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 roundup<1.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 roundup<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 sarg<2.2.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167 sarg<2.2.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168 liblive<2007.11.18 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036 nagios-base<2.5nb5 cross-site-scripting http://secunia.com/advisories/29363/ wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665 wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666 userppp-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215 jasper<1.900.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 png<1.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 plone3<3.1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164 maradns<1.2.12.06nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061 xine-lib<1.1.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 quagga>=0.99<0.99.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 jakarta-tomcat4<4.1.37 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 nss_ldap<259 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794 nagios-plugins<1.4.3nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198 nagios-plugin-snmp<1.4.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623 openoffice2<2.3.1nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 openoffice2<2.3.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 asterisk<1.2.27 authentication-bypass http://downloads.digium.com/pub/security/AST-2008-003.html mit-krb5<1.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5>=1.6<1.6.4 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5<1.4.2nb6 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt mit-krb5>=1.6<1.6.3 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt silc-client<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 silc-toolkit<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 unzip<5.52nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 namazu<2.0.18 cross-site-scripting http://secunia.com/advisories/29386/ maradns<1.2.12.06 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114 qemu<0.9.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 qemu<0.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227 qemu<0.10.0 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 instiki<0.13 cross-site-scripting http://rubyforge.org/forum/forum.php?forum_id=22805 freetype2<2.3.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506 bzip2<1.0.5 denial-of-service https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html ircu<2.10.12.12nb1 denial-of-service http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060906.html p7zip<4.57 unknown https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066 vlc<0.8.6dnb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 silc-client<1.1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-server<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-toolkit<1.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 mysql-client<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnupg-1.4.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html gnupg2-2.0.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html centerim<4.22.4 shell-command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467 p5-Tk<804.027nb7 buffer-overflow http://secunia.com/advisories/29546/ xpdf<3.02pl1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 policyd-weight<0.1.14.17 privilege-escalation http://secunia.com/advisories/29553/ wireshark<1.0.0 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-02.html gtar-base<1.15.1nb5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 eterm<0.9.4nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 rxvt<2.7.10nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 rxvt-unicode<8.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 aterm<1.0.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 wterm<6.2.9nb8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 mrxvt<0.5.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 phpmyadmin<2.11.5.1 unauthorized-access http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2 inspircd<1.1.18 unspecified http://www.inspircd.org/forum/showthread.php?t=2945 comix<3.6.4nb2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 thunderbird<1.5.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird<1.5.0.14 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-40.html php<4.4.5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 php>=5.0<5.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 lighttpd<1.4.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531 openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265 gnome-screensaver<2.21.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 gnome-screensaver<2.22.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887 sympa<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 {ap2,ap22}-suphp<0.6.3 arbitrary-script-execution http://article.gmane.org/gmane.comp.php.suphp.general/348 acroread7<7.0.9 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857 libgtop<2.14.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}15<5.0.10 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 koffice<1.2.1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt kdegraphics<3.2.3 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt ed<0.2nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 GeoIP<1.4.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159 kdebase<3.5.5 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt opera<9.27 code-execution http://www.opera.com/support/search/view/881/ opera<9.27 memory-corruption http://www.opera.com/support/search/view/882/ balsa<2.3.10nb14 buffer-overflow http://bugzilla.gnome.org/show_bug.cgi?id=474366 xscreensaver<5.02 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 xscreensaver<5.04 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 neon>=0.26.0<0.26.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 libevent<1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030 openssl<0.9.8f side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 openssl<0.9.8f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 sqlitemanager<1.2.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232 sqlitemanager<1.2.0 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516 dropbear<0.49 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 firefox-bin-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html ns-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html drupal>6<6.2 access-bypass http://drupal.org/node/244637 wireshark<0.99.6 denial-of-service http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html m4<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 python15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python20-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python21-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python22-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 ktorrent<2.1.2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 ktorrent<2.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799 netperf<2.3.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444 imp<4.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515 nas<1.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 nas<1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 lookup<1.4.1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237 asterisk>=1.4<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594 asterisk>=1.4<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293 asterisk>=1.4<1.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 zope210<2.10.3 cross-site-request-forgery http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view inkscape<0.45.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463 mgv-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 ap-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 ap13-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 {ap2,ap22}-perl<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 mit-krb5<1.4.2nb5 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5>=1.6<1.6.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 openpbs<2.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616 xorg-server<1.1.1 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 libXfont<1.2.0 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 libX11<1.0.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 p5-Archive-Tar<1.37 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829 sun-{jdk,jre}14<2.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}15<5.0.11 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}14<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}15<5.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}6<6.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953 lftp<3.5.9 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348 elinks<0.11.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 python24<2.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 python25<2.5.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 libexif<0.6.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 libexif<0.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 mysql-server<4.1.23 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server<4.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0<5.0.44 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.44 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0.9<5.0.51 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226 bochs<2.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894 findutils<4.2.31 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452 phppgadmin<4.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728 base<1.3.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578 mail-notification<4.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209 dspam<3.8.0 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 exiv2<0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353 libexif<0.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 gd<2.0.35 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 sun-{jdk,jre}15<5.0.12 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 sun-{jdk,jre}6<6.0.1 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 openoffice2-bin<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 curl>=7.14.0<7.16.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564 libcdio<0.80 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613 firefox-bin-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 ns-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 firefox-bin-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 ns-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 sun-{jdk,jre}14<2.15 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}15<5.0.12 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 arbitrary-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730 php<5.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 asterisk<1.2.22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk>=1.4<1.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk<1.2.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 asterisk>=1.4<1.4.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 teamspeak-server<2.0.23.19 remote-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956 mldonkey<2.9.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100 t1lib<5.1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 gdm<2.18.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 tor<0.1.2.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165 tor<0.1.2.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174 clamav<0.93 remote-user-shell http://secunia.com/advisories/29000/ png>=1.0.6<1.0.33 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt png>=1.2.0<1.2.27beta01 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt mksh<33d privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845 rsync>=3.0.0<3.0.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720 xine-lib<1.1.12 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 cups<1.3.7nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 xine-lib<1.1.12nb1 remote-system-access http://secunia.com/advisories/29850/ openoffice2{,-bin}<2.4 remote-system-access http://secunia.com/advisories/29852/ firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html thunderbird{,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 vlc<0.8.6f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 vlc<0.8.6f remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 poppler<0.8.0nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 xpdf<3.02pl2nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 streamripper<1.61.27nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337 sudo<1.6.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149 po4a<0.23nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462 bugzilla<2.22.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla<2.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 bugzilla>3<3.0.1 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla>3<3.0.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 konversation<1.0.1nb8 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 id3lib<3.8.3nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460 sylpheed<2.4.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 claws-mail<3.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 subversion-base<1.4.5 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846 bitchx<1.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584 bitchx<1.1nb3 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839 star<1.4.3nb4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134 claws-mail<3.2.0 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208 samba>3.0.25<3.0.26 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 kdebase>=3.3.0<3.5.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 asterisk>1.4.4<1.4.12 denial-of-service http://downloads.digium.com/pub/asa/AST-2007-021.html fuse-chironfs<1.0RC7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101 sun-{jdk,jre}14<2.16 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}15<5.0.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}6<6.0.3 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 pwlib<1.8.3nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 wesnoth<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 wesnoth>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 bacula<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626 delegate<9.7.5 arbitrary-code-execution http://www.delegate.org/mail-lists/delegate-en/3856 sun-{jdk,jre}14<2.16 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}15<5.0.13 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}6<6.0.3 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 3proxy<0.5.3j denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622 phpmyadmin<2.11.5.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924 vobcopy<1.1.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718 liferea<1.4.6 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751 perdition<1.17nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795 dbmail<2.2.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714 blender<2.45nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102 blender<2.45nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103 kronolith<2.1.8 cross-site-scripting http://marc.info/?l=horde-announce&m=120931816706926&w=2 vorbis-tools<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 SDL_sound<1.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 sweep<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 emacs{,-nox11}>=20<20.7nb11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=21<21.4anb13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=22<22.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}<21.4.17nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 kdelibs>=3.5.5<3.5.9nb1 linux-denial-of-service http://www.kde.org/info/security/advisory-20080426-2.txt ikiwiki<2.42 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165 py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937 swfdec<0.6.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834 php5-apc<5.2.5.3.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488 xine-lib<1.1.11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 wyrd<1.4.1nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 imp<4.1.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 win32-codecs<071007 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml graphviz<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 scponly<4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350 boost-libs<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 boost-headers<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 glib2<2.14.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 plone25<2.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 plone3<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 speex<1.0.5nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 php>=5<5.2.5 security-bypass http://securityreason.com/achievement_securityalert/47 php>=5<5.2.5 arbitrary-code-execution http://www.php.net/releases/5_2_5.php php>=5<5.2.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 php>=5<5.2.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php>=5<5.2.6 unknown http://www.php.net/ChangeLog-5.php#5.2.6 php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 pioneers<0.11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 teTeX-bin<3.0nb16 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml liferea<1.4.8 privilege-escalation http://www.novell.com/linux/security/advisories/2005_22_sr.html rsync<2.6.9nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 bugzilla>=2.17.2<2.22.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 account-impersonation http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 unauthorized-bug-change http://www.bugzilla.org/security/2.20.5/ GraphicsMagick<1.1.12 remote-security-bypass http://sourceforge.net/project/shownotes.php?release_id=595544 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698 php<5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php<4.4.8 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php>=5<5.2.5 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php<5 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php>=5<5.2.6 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php<5 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 php>=5<5.2.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 licq<1.3.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 php>=4<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<4.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5<5.0.51bnb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5.1<5.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 qemu-0.9.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004 ganglia-webfrontend<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465 kdebase<3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 mantis<1.1.0 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8679 mantis<1.1.1 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8756 xmp<2.6.0 arbitrary-code-execution http://aluigi.altervista.org/adv/xmpbof-adv.txt RealPlayerGold-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098 qt4-libs>=4.3.0<4.3.3 certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965 mongrel>=1.0.4<1.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612 openafs<1.4.6 denial-of-service http://www.openafs.org/security/OPENAFS-SA-2007-003.txt libxml2<2.6.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 bind<8.4.7pl1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 bind>=9<9.4.1pl1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 gnumeric<1.8.1 arbitrary-code-execution http://bugzilla.gnome.org/show_bug.cgi?id=505330 sun-{jdk,jre}15<5.0.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.2 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.4 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1 tk<8.4.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 acroread8<8.1.2 arbitrary-code-execution http://www.adobe.com/go/kb403079 acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/go/kb403079 clamav<0.92.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 GraphicsMagick<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 vmware<5.5.6 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 vmware>=6<6.0.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 tcl<8.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 mplayer<1.0rc10nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 gmplayer<1.0rc10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 acroread<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread{5,7}-[0-9]* arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread8<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 duplicity<0.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201 flex<2.5.33 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459 quake3arena-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400 xdm<1.0.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214 libX11>=1.0.2<1.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 xentools3-hvm<3.1.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 sarg<2.2.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922 mysql-server<4.1.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 mysql-server>=5<5.0.42 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782 mt-daapd-0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771 mt-daapd<0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 mt-daapd<0.2.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 mantis<1.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1nb1 cross-site-scripting http://www.djangoproject.com/weblog/2008/may/14/security/ mantis<1.1.2 cross-site-request-forgery http://secunia.com/advisories/30270/ uudeview<0.5.20nb2 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 uulib<0.5.20nb4 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 WordNet<3.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 net-snmp<5.4.1nb2 arbitrary-code-execution http://secunia.com/advisories/30187/ libid3tag<0.15.1bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 ja-ptex-bin-[0-9]* remote-manipulation-of-data http://secunia.com/advisories/30168/ ja-ptex-bin-[0-9]* remote-system-access http://secunia.com/advisories/30168/ mtr<0.72nb1 arbitrary-code-execution http://seclists.org/fulldisclosure/2008/May/0488.html nagios-base<2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 libxslt<1.1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 snort<2.8.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 perl<5.8.8nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 stunnel>=4.16<4.24 accepts-revoked-ocsp-cert http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420 nagios-plugins<1.4.6 local-code-execution https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1630970&group_id=29880 samba<3.0.28anb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 spamdyke<3.1.8 remote-security-bypass http://secunia.com/advisories/30408/ imlib2<1.4.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 xemacs-packages<1.16nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 apache-tomcat>=6<6.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 vmware<6.0.4 arbitrary-code-execution http://www.vmware.com/security/advisories/VMSA-2008-0008.html ikiwiki<2.48 authentication-bypass http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770 openssl<0.9.8gnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 websvn<1.61nb8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 evolution<2.12.3nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 evolution>=2.22<2.22.2nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 GraphicsMagick<1.1.14 remote-system-access http://secunia.com/advisories/30549/ GraphicsMagick>=1.2<1.2.3 remote-system-access http://secunia.com/advisories/30549/ exiv2<0.16nb1 denial-of-service http://dev.robotbattle.com/bugs/view.php?id=0000546 vmware<5.5.7 privilege-escalation http://www.vmware.com/security/advisories/VMSA-2008-0009.html asterisk<1.2.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt asterisk<1.2.26 security-bypass http://downloads.digium.com/pub/security/AST-2007-027.html asterisk<1.2.28 denial-of-service http://downloads.digium.com/pub/security/AST-2008-006.html net-snmp<5.4.1nb4 spoof-authenticated-packets http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 freetype2<2.3.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 apache>2.0<2.0.63nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 apache>=2.2.0<2.2.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 openoffice2{,-bin}<2.4.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2008-2152.html courier-authlib<0.60.6 sql-injection http://marc.info/?l=courier-users&m=121293814822605&w=2 freetype2<2.3.6 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id={715,716,717} nasm<2.02nb1 local-user-shell http://secunia.com/advisories/30594/ modular-xorg-server<1.3.0.0nb10 multiple-vulnerabilities http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html opera<9.50 url-spoofing http://www.opera.com/support/search/view/878/ opera<9.50 information-disclosure http://www.opera.com/support/search/view/883/ opera<9.50 security-bypass http://www.opera.com/support/search/view/885/ vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 turba<2.2.1 cross-site-scripting http://secunia.com/advisories/30704/ horde<3.1.7nb1 cross-site-scripting http://secunia.com/advisories/30697/ horde>=3.2<3.2.1 cross-site-scripting http://secunia.com/advisories/30697/ roundcube<0.2alpha cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 clamav<0.93.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 fetchmail<6.3.8nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 ruby18-base<1.8.7.22 arbitrary-code-execution http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities phpmyadmin<2.11.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-4 rt<3.6.7 denial-of-service http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html acroread8<8.1.2nb1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html squid<2.6.21 denial-of-service http://marc.info/?l=squid-announce&m=121469526501591&w=2 squid<2.6.21 privacy-leak http://marc.info/?l=squid-announce&m=121469526501591&w=2 pidgin<2.4.3 arbitrary-code-execution http://archives.neohapsis.com/archives/bugtraq/2008-06/0225.html GraphicsMagick-1.1.[0-9]* remote-system-access http://secunia.com/advisories/30879/ GraphicsMagick>=1.2<1.2.4 remote-system-access http://secunia.com/advisories/30879/ firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 wireshark<1.0.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-03.html ruby18-base<1.8.7.22nb1 denial-of-service http://securenetwork.it/ricerca/advisory/download/SN-2008-02.txt vlc<0.8.6fnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430 openldap-client<2.4.9nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952 opera<9.51 information-disclosure http://www.opera.com/support/search/view/887/ thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 thunderbird{,-gtk1}<2.0.0.16 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-24.html thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 pcre<7.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 #vte-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 libzvt-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 bind>9.5.0<9.5.0pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.4.0<9.4.2pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.3.0<9.3.5pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind-8.[0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 poppler<0.8.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 drupal>6.0<6.3 cross-site-scripting http://drupal.org/node/280571 drupal>5.0<5.8 cross-site-request-forgeries http://drupal.org/node/280571 drupal>6.0<6.3 cross-site-request-forgeries http://drupal.org/node/280571 drupal>5.0<5.8 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 sql-injection http://drupal.org/node/280571 ffmpeg<0.4.9pre1nb4 remote-code-execution https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 sun-j{re,dk}14<2.18 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}15<5.0.16 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}6<6.0.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] wireshark<1.0.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-04.html zsh<4.2.6nb1 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 zsh>=4.3<4.3.4nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html firefox3{,-bin}<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html phpmyadmin<2.11.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-5 py{26,27,34,35,36}-mercurial<1.0.1nb1 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942 firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html firefox3{,-bin}<3.0.1 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html byacc<20050813nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 py{15,20,21,22,23,24,25,26,27,31}-moin<1.7.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.6.3 dnsmasq<2.45 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259 drupal<5.9 session-fixation http://drupal.org/node/286417 drupal>=6<6.3 session-fixation http://drupal.org/node/286417 newsx<1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252 trac<0.10.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328 RealPlayerGold<11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400 phpmyadmin<2.11.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6 gnutls>=2.3.5<2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377 fprot-workstation-bin-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447 pan<0.133 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 openttd<0.6.2 arbitrary-code-execution http://sourceforge.net/project/shownotes.php?release_id=617243 python24<2.4.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python25<2.5.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python24<2.4.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 python25<2.5.2nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 jakarta-tomcat4<4.1.39 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 jakarta-tomcat4<4.1.39 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 jakarta-tomcat5-[0-9]* directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 libxslt<1.1.24nb1 arbitrary-code-execution http://www.scary.beasts.org/security/CESA-2008-003.html scmgit<1.5.6.4 remote-system-access http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 ruby18-base<1.8.7.72 multiple-vulnerabilities http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ powerdns<2.9.21nb2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337 pidgin<2.5.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532 mono<1.9.1nb2 cross-site-scripting http://secunia.com/advisories/31338/ apache-2.0.[0-5]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.6[0-2]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.63{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache>=2.2.0<2.2.9nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 python25<2.5.2nb3 weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 bugzilla<2.22.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ bugzilla>=3.0<3.0.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ amarok<1.4.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 ipsec-tools<0.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651 ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 isc-dhcpd<3.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062 postfix<2.5.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix<2.5.4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 postfix>=2.6.20080000<2.6.20080814 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix>=2.6.20080000<2.6.20080814 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 drupal<5.10 multiple-vulnerabilities http://drupal.org/node/295053 drupal>=6<6.4 multiple-vulnerabilities http://drupal.org/node/295053 yelp>=2.19.90<2.22.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533 mktemp<1.6 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495193 xine-lib<1.1.15 remote-system-access http://www.ocert.org/advisories/ocert-2008-008.html zope29>=2.9<2.9.9nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope210>=2.10<2.10.6nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope211>=2.10<2.11.1nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ awstats<6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 sympa<5.4.4 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 sqlitemanager-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages R<2.7.0nb1 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496363 bitlbee<1.2.2 security-bypass http://secunia.com/advisories/31633/ tiff<3.8.2nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327 ruby18-base<1.8.7.72nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 vim<7.2.10 arbitrary-command-execution http://www.rdancer.org/vulnerablevim-K.html openoffice{,2}<2.4.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282 mono<1.9.1nb4 cross-site-scripting https://bugzilla.novell.com/show_bug.cgi?id=418620 gpsdrive-[0-9]* privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496436 libxml2<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 opera<9.52 arbitrary-code-execution http://www.opera.com/support/search/view/892/ opera<9.52 security-bypass http://www.opera.com/support/search/view/893/ opera<9.52 security-bypass http://www.opera.com/support/search/view/895/ opera<9.52 local-file-reading http://www.opera.com/support/search/view/896/ opera<9.52 url-spoofing http://www.opera.com/support/search/view/897/ postfix<2.5.5 denial-of-service http://www.postfix.org/announcements/20080902.html clamav<0.94 denial-of-service http://secunia.com/advisories/31725/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.3 cross-site-request-forgery http://www.djangoproject.com/weblog/2008/sep/02/security/ wireshark>=0.9.7<1.0.3 denial-of-service http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 wireshark>=0.10.14<1.0.3 arbitrary-code-execution http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649 png>=1.2.30beta04<1.2.32beta01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 geeklog<1.4.1nb3 remote-file-write http://www.geeklog.net/article.php/file-uploads vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 horde<3.2.2 cross-site-scripting http://marc.info/?l=horde-announce&m=122104360019867&w=2 mysql-server>=5<5.0.66 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 mysql-server>=5.1<5.1.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 gri<2.12.18 insecure-temporary-files http://gri.sourceforge.net/gridoc/html/Version_2_12.html phpmyadmin<2.11.9.1 arbitrary-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7 proftpd<1.3.2rc2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 ffmpeg<20080727 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230 rails<2.1.1 sql-injection http://rails.lighthouseapp.com/projects/8994/tickets/288 firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059 firefox3{,-bin}<3.0.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066 firefox3{,-bin}<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 thunderbird{,-gtk1}<2.0.0.17 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 faad2<2.6.1nb1 arbitrary-code-execution http://secunia.com/advisories/32006/ aegis<4.24.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938 samba>3.2<3.2.3 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 lighttpd<1.4.20 denial-of-service http://trac.lighttpd.net/trac/ticket/1774 tnftpd<20080929 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 firefox3<3.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324 gmplayer<1.0rc10nb6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mencoder<1.0rc10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mplayer<1.0rc10nb8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 xerces-c<3.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482 xentools3-hvm-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 libxml2<2.7.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 dovecot<1.1.4 remote-security-bypass http://www.dovecot.org/list/dovecot-news/2008-October/000085.html mysql-client>=5.0<5.0.67nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 xentools33<3.3.0nb2 security-bypass http://secunia.com/advisories/32064/ xentools3-[0-9]* security-bypass http://secunia.com/advisories/32064/ drupal>=5<5.11 multiple-vulnerabilities http://drupal.org/node/318706 drupal>=6<6.5 multiple-vulnerabilities http://drupal.org/node/318706 graphviz<2.16.1nb3 remote-system-access http://secunia.com/advisories/32186/ ap{2,22}-modsecurity{,2}>2.5.0<2.5.6 remote-security-bypass http://secunia.com/advisories/32146/ opera<9.6 multiple-vulnerabilities http://secunia.com/advisories/32177/ firefox-bin-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ ns-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ gtar-base<1.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476 dbus<1.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 vlc<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 mantis<1.1.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 firefox-bin-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html ns-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html jhead<2.84 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 vlc>=0.9.0<0.9.5 arbitrary-code-execution http://www.videolan.org/security/sa0809.html opera<9.61 information-disclosure http://www.opera.com/support/search/view/903/ opera<9.61 cross-site-scripting http://www.opera.com/support/search/view/904/ opera<9.61 security-bypass http://www.opera.com/support/search/view/905/ mantis<1.1.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 apache-tomcat<5.5.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat4<4.1.32 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat5-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 wireshark<1.0.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-06.html drupal>=5<5.12 multiple-vulnerabilities http://drupal.org/node/324824 drupal>=6<6.6 multiple-vulnerabilities http://drupal.org/node/324824 websvn<2.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 websvn<2.1.0 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 websvn<2.1.0 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 enscript<1.6.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 gpsd<2.37nb1 remote-information-exposure http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116 libspf2<1.2.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469 imlib2<1.4.2 unspecified http://secunia.com/advisories/32354/ png<1.2.33rc02 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624 jhead<2.86 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 ktorrent>=3.0<3.1.4 security-bypass http://secunia.com/advisories/32442/ phpmyadmin<2.11.9.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-9 lynx<2.8.6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234 opera<9.62 system-access http://secunia.com/advisories/32452/ dovecot>=1.1.4<1.1.6 denial-of-service http://www.dovecot.org/list/dovecot-news/2008-October/000089.html openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237 openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238 phpmyadmin<2.11.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8 crossfire-maps-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 crossfire-server>=1.11.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 imap-uw<2007d system-access http://secunia.com/advisories/32483/ ed<1.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 kdelibs-3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698 ktorrent>=2.0<2.2.8 remote-security-bypass http://secunia.com/advisories/32447/ net-snmp<5.4.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 acroread8<8.1.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-19.html silc-server<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429 nagios-base<3.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027 vlc08-[0-9]* remote-system-access http://www.videolan.org/security/sa0810.html vlc>=0.5.0<0.9.6 remote-system-access http://www.videolan.org/security/sa0810.html bugzilla<2.22.6 security-bypass http://www.bugzilla.org/security/2.20.6/ bugzilla>3.0.0<3.0.6 security-bypass http://www.bugzilla.org/security/2.20.6/ lmbench-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968 gnutls<2.6.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 py{15,20,21,22,23,24,25,26,27,31}-moin-[0-9]* remote-information-exposure http://secunia.com/advisories/32686/ trac<0.11.2 multiple-vulnerabilities http://secunia.com/advisories/32652/ ja-trac<0.11.1pl2 multiple-vulnerabilities http://secunia.com/advisories/32652/ clamav<0.94.1 remote-system-access http://secunia.com/advisories/32663/ nagios-base<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028 fwbuilder{,21}-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956 scilab<4.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983 optipng<0.6.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101 typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/ typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/ streamripper<1.61.27nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 libxml2<2.7.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 libxml2<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 imlib2<1.4.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 mailscanner<4.55.11 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140 opera<9.63 multiple-vulnerabilities http://secunia.com/advisories/32752/ blender<2.49bnb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 vmware<5.5.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915 firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html firefox3{,-bin}<3.0.4 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-51.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox3{,-bin}<3.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox{,-bin,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html firefox3{,-bin,-gtk1}<3.0.4 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html thunderbird{,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html libcdaudio<0.99.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 wireshark<1.0.4nb1 denial-of-service http://secunia.com/advisories/32840/ gnetlist<1.4.0nb1 privilege-escalation http://secunia.com/advisories/32806/ amaya-[0-9]* system-access http://secunia.com/advisories/32848/ samba>=3.0.29<3.0.32nb2 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html samba>3.2<3.2.5 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html mailscanner<4.73.3.1 denial-of-service http://secunia.com/advisories/32915/ vlc<0.9.8a remote-system-access http://www.videolan.org/security/sa0811.html clamav<0.94.2 denial-of-service http://secunia.com/advisories/32926/ squirrelmail<1.4.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379 ImageMagick<6.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 GraphicsMagick<1.1.8 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 powerdns<2.9.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277 nagios-base<3.0.6 unknown http://secunia.com/advisories/32909/ sun-j{re,dk}14<2.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}15<5.0.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}6<6.0.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 tor<0.2.0.32 remote-security-bypass http://secunia.com/advisories/33025/ tor<0.2.0.32 privilege-escalation http://secunia.com/advisories/33025/ mgetty<1.1.36nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936 dbus<1.2.4.2 security-bypass http://lists.freedesktop.org/archives/dbus/2008-December/010702.html drupal<5.13 cross-site-request-forgeries http://drupal.org/node/345441 drupal>6<6.7 cross-site-request-forgeries http://drupal.org/node/345441 phpmyadmin<2.11.9.4 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php phppgadmin<4.2.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587 mailscanner<4.74.6.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313 asterisk<1.2.30.4 denial-of-service http://downloads.digium.com/pub/security/AST-2008-012.html mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252 roundcube<0.2beta2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 roundcube<0.2beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620 horde<3.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000464.html turba<2.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000465.html imp<4.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000463.html gmplayer<1.0rc10nb8 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mplayer<1.0rc10nb10 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mencoder<1.0rc10nb5 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt cmus<2.2.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375 ns-flash<9.0.152 remote-system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html firefox{,-bin}-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox-gtk1-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imap-uw<2007e denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514 avahi<0.6.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843 netatalk<2.0.3nb12 system-access http://secunia.com/advisories/33227/ courier-authlib<0.62.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380 adobe-flash-plugin<10.0.15.3 system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html qemu<0.10.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382 aview<1.3.0.1nb12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935 gitweb>=1.6<1.6.0.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.6<1.5.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.5<1.5.5.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.4.3<1.5.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 psi<0.12.1 denial-of-service http://secunia.com/advisories/33311/ firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-62.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-69.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox3{,-bin}<3.0.5 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-63.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox3{,-bin}<3.0.5 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox3{,-bin}<3.0.5 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox3{,-bin}<3.0.5 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-69.html seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html thunderbird{,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html thunderbird{,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html xterm<238 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 libaudiofile<0.2.6nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 audacity<1.2.6nb2 remote-system-access http://secunia.com/advisories/33356/ links{,-gui}<2.11 remote-spoofing http://secunia.com/advisories/33391/ samba>=3.2.0<3.2.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 openssl<0.9.8j signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 amarok<1.4.10nb1 remote-code-execution http://www.trapkit.de/advisories/TKADV2009-002.txt drupal<5.15 sql-injection http://drupal.org/node/358957 drupal>6<6.9 sql-injection http://drupal.org/node/358957 drupal>6<6.9 access-bypass http://drupal.org/node/358957 drupal>6<6.9 validation-bypass http://drupal.org/node/358957 bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 asterisk<1.2.33 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html asterisk>=1.6<1.6.0.10 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html typo3<4.2.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.8.1 roundcube<0.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517 ganglia-monitor-core<3.1.2 remote-system-access http://secunia.com/advisories/33506/ xdg-utils<1.1.0rc1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 # N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068 #xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 tnftpd<20081009 cross-site-scripting http://securityreason.com/achievement_securityalert/56 libmikmod<3.2.0 remote-denial-of-service http://secunia.com/advisories/33485/ devIL>=1.6.7<1.7.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 tor<0.2.0.33 remote-denial-of-service http://secunia.com/advisories/33635/ ap{,2,22}-auth-mysql>=4<4.3.9nb1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384 gst-plugins0.10-good<0.10.12 remote-system-access http://trapkit.de/advisories/TKADV2009-003.txt gentoo-0.11.57nb1 insecure-temporary-files http://mail-index.netbsd.org/pkgsrc-changes/2009/01/25/msg017509.html ntp<4.2.4p6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 dia-python<0.97.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984 GraphicsMagick<1.3.5 remote-denial-of-service http://secunia.com/advisories/33697/ imp<4.3.3 cross-site-scripting http://secunia.com/advisories/33719/ horde<3.3.3 cross-site-scripting http://secunia.com/advisories/33695/ ffmpeg<20080727nb7 remote-user-shell http://www.trapkit.de/advisories/TKADV2009-004.txt netsaint-base-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugins-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-cluster-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-snmp-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<2.22.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla<2.22.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ bugzilla>3.2<3.2.2 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.8 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla>3.0<3.0.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ sudo<1.7.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 squid<2.7 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid>=2.7<2.7.6 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt squid>=3.0<3.0.13 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt firefox3{,-bin}<3.0.6 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html thunderbird{,-gtk1}<2.0.0.21 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html proftpd>=1.3.1<1.3.2 sql-injection http://secunia.com/advisories/33842/ typo3<4.2.6 information-disclosure http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ typo3<4.2.6 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ net-snmp<5.4.2.1nb1 information-disclosure http://secunia.com/advisories/33884/ evolution-data-server<2.24.4.1nb2 smime-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547 varnish<2.0.1 denial-of-service http://secunia.com/advisories/33852/ tor<0.2.0.34 denial-of-service http://archives.seul.org/or/announce/Feb-2009/msg00000.html mediawiki<1.13.4 cross-site-scripting http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_4/phase3/RELEASE-NOTES wireshark>=0.99.0<1.0.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-07.html wireshark>=0.99.6<1.0.6 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2009-01.html boinc-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126 mpack<1.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 png<1.2.35 denial-of-service http://secunia.com/advisories/33970/ djbdns<1.05nb9 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392 p5-HTTPD-User-Manage<1.63 cross-site-scripting http://jvn.jp/en/jp/JVN30451602/index.html mldonkey>=2.8.4<3.0.0 remote-file-access https://savannah.nongnu.org/patch/?6754 ns-flash<9.0.159 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-01.html acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread7<7.1.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread8<8.1.4 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html pngcrush<1.6.14 arbitrary-code-execution http://secunia.com/advisories/33976/ apache-tomcat>=5.5.10<5.5.21 information-disclosure http://tomcat.apache.org/security-5.html opensc<0.11.7 unauthorized-access http://secunia.com/advisories/34052/ php<5.2.9 multiple-vulnerabilities http://secunia.com/advisories/34081/ trickle>=1.07 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415 optipng<0.6.2.1 arbitrary-code-execution http://secunia.com/advisories/34035/ squid<3.2.0.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801 mldonkey>=2.8.4<2.9.7nb1 information-disclosure https://savannah.nongnu.org/bugs/?25667 curl<7.18.0nb4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 curl>=7.19.0<7.19.4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 opera<9.64 multiple-vulnerabilities http://secunia.com/advisories/34135/ libsndfile<1.0.17nb5 arbitrary-code-execution http://secunia.com/advisories/33980/ libsndfile>1.0.17nb5<1.0.19 arbitrary-code-execution http://secunia.com/advisories/33980/ wesnoth<1.5.11 arbitrary-code-execution https://gna.org/bugs/index.php?13048 mpfr<2.4.1 buffer-overflow http://secunia.com/advisories/34063/ firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html firefox3{,-bin}<3.0.7 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html firefox3{,-bin}<3.0.7 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html firefox3{,-bin}<3.0.7 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html thunderbird{,-gtk1}<2.0.0.21 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html thunderbird{,-gtk1}<2.0.0.21 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html ap{2,22}-modsecurity{,2}>2.5.0<2.5.8 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667538 ap{2,22}-modsecurity{,2}>2.5.0<2.5.9 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667542 asterisk>=1.6<1.6.0.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-002.html roundup<0.8.3 query-manipulation http://issues.roundup-tracker.org/issue2550521 #postgresql8[123]-server-[0-9]* information-disclosure http://archives.postgresql.org/pgsql-hackers/2009-02/msg00861.php py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544 wesnoth<1.5.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366 icu<4.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036 libsoup<2.24.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution<2.22.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution-data-server<2.24.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587 ejabberd<2.0.4 script-insertion-attacks http://secunia.com/advisories/34340/ lcms<1.18 denial-of-service http://scary.beasts.org/security/CESA-2009-003.html weechat<0.2.6.1 denial-of-service http://secunia.com/advisories/34304/ glib2<2.20.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586 firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-13.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html asterisk>=1.2<1.2.32 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html asterisk>=1.6<1.6.0.8 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html clamav<0.95 denial-of-service http://secunia.com/advisories/34566/ bugzilla>=3.2<3.2.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213 mapserver<4.10.4 multiple-vulnerabilities http://secunia.com/advisories/34520/ openssl<0.9.8k denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 eog<2.25.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983 mpg123{,-esound,-nas}>=1.0<1.7.2 arbitrary-code-execution http://secunia.com/advisories/34587/ ghostscript<8.64nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 clamav<0.95.1 denial-of-service http://secunia.com/advisories/34612/ amaya-[0-9]* arbitrary-code-execution http://secunia.com/advisories/34531/ jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 apache-tomcat>=5.5.0<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 lcms<1.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 tunapie<2.1.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253 tunapie<2.1.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254 xine-lib<1.1.16.3 arbitrary-code-execution http://trapkit.de/advisories/TKADV2009-005.txt ap13-perl<1.29nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 ap{2,22}-perl<2.0.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 unrealircd<3.2.7nb2 denial-of-service http://forums.unrealircd.com/viewtopic.php?t=6204 ntp<4.2.4p7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 pptp>1.7.2 information-disclosure https://bugzilla.redhat.com/show_bug.cgi?id=492090 geeklog<1.5.2.2 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr2 geeklog<1.5.2.3 sql-injection http://www.geeklog.net/article.php/webservices-exploit ghostscript<8.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 ghostscript<8.64nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 wireshark>=0.99.2<1.0.7 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2009-02.html compiz-fusion-plugins-main<0.6.0nb2 local-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514 ldns<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086 phpmyadmin<2.11.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150 phpmyadmin<2.11.9.5 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847 sun-{jdk,jre}14<2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}14<2.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}14<2.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}6<6.0.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 sun-{jdk,jre}6<6.0.13 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 ruby18-base<1.8.7.160 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 ruby18-base<1.8.7.160 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 drupal>6<6.11 cross-site-scripting http://drupal.org/node/449078 drupal<5.17 cross-site-scripting http://drupal.org/node/449078 firefox3{,-bin}<3.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html firefox3{,-bin}<3.0.9 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-20.html firefox3{,-bin}<3.0.9 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html firefox3{,-bin}<3.0.10 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-23.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html seamonkey{,-bin,-gtk1}<2.0 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html thunderbird{,-gtk1}<2.0.0.22 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html libmodplug<0.8.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 freetype2<2.3.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 gnutls>=2.5.0<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 gnutls<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 cups<1.3.10 multiple-vulnerabilities http://secunia.com/advisories/34481/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.2 cross-site-scripting http://secunia.com/advisories/34821/ imp<4.3.4 signature-spoofing http://secunia.com/advisories/34796/ ntop<3.3.9nb1 insecure-file-permissions http://secunia.com/advisories/34793/ opensc<0.11.8 insecure-key-generation http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 suse{,32}_freetype2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 acroread7<7.1.2 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html acroread8<8.1.5 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html Transmission<1.53 cross-site-request-forgery http://secunia.com/advisories/34969/ Transmission-1.60 cross-site-request-forgery http://secunia.com/advisories/34969/ squirrelmail<1.4.18 multiple-vulnerabilities http://secunia.com/advisories/35073/ amule<2.2.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440 drupal>5<5.18 cross-site-scripting http://drupal.org/node/461886 drupal>6<6.12 cross-site-scripting http://drupal.org/node/461886 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 cyrus-sasl<2.1.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 eggdrop<1.6.19nb1 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html kdegraphics<3.5.10nb2 remote-system-access http://secunia.com/advisories/34754/ geeklog<1.5.2.4 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr4 apache>=2.2.0<2.2.11nb3 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 plone3<3.2.2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662 file<5.03 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 py{15,20,21,22,23,24,25,26,27,31}-prewikka-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34928/ memcached<1.2.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255 cscope<15.7a remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 coccinelle<0.1.9 privilege-escalation http://secunia.com/advisories/35012/ ntp>=4<4.2.4p7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 pango<1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 nsd<3.2.2 remote-system-access http://secunia.com/advisories/35165/ ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 prelude-manager-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34987/ quagga<0.99.12 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572 wireshark>=0.8.20<1.0.8 remote-denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-03.html pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 gst-plugins0.10-png<0.10.15nb1 arbitrary-code-execution http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc xvidcore<1.2.2 arbitrary-code-execution http://secunia.com/advisories/35274/ libsndfile<1.0.20nb1 denial-of-service http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 ImageMagick<6.5.2.9 arbitrary-code-execution http://secunia.com/advisories/35216/ apache>=2.2<2.2.11nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 base<1.4.3.1 cross-site-scripting http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 cross-site-request-forgery http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 sql-injection http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791 apache-tomcat>=6<6.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=6<6.0.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 apache-tomcat>=5<5.5.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=5<5.5.28 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 jakarta-tomcat4-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 jakarta-tomcat4-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 wxGTK2{4,6}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/35292/ wxGTK28<2.8.10nb1 arbitrary-code-execution http://secunia.com/advisories/35292/ apr-util<1.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 png<1.2.37 information-disclosure http://secunia.com/advisories/35346/ suse{,32}_libpng<11.3 information-disclosure http://secunia.com/advisories/35346/ ruby18-base<1.8.7.173 denial-of-service http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ acroread7<7.1.3 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html acroread8<8.1.6 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html p5-Compress-Raw-Zlib<2.017 denial-of-service http://secunia.com/advisories/35422/ xfig<3.2.5b privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962 pdflib-lite<7.0.4p4 remote-system-access http://secunia.com/advisories/35180/ suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.4 remote-security-bypass http://secunia.com/advisories/35407/ scmgit-base<1.6.3.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108 rt<3.8.4 remote-security-bypass http://secunia.com/advisories/35451/ icu<4.0.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153 firefox3{,-bin}<3.0.11 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html firefox3{,-bin}<3.0.11 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-28.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-30.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html thunderbird{,-gtk1}<2.0.0.22 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html pcsc-lite<1.5.4 denial-of-service http://secunia.com/advisories/35500/ php5-exif<5.2.10 denial-of-service http://secunia.com/advisories/35441/ ruby18-base<1.8.7.72nb3 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642 jakarta-tomcat{4,5}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tiff<3.8.2nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285 samba>=3.0.31<3.0.34nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 drupal>5<5.19 multiple-vulnerabilities http://drupal.org/node/507572 drupal>6<6.13 multiple-vulnerabilities http://drupal.org/node/507572 nagios-base<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 xemacs<21.4.24 remote-system-access http://secunia.com/advisories/35348/ apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 tor<0.2.0.35 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425 tor<0.2.0.35 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426 amsn-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/35621/ pidgin<2.5.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889 wxGTK-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 amaya<11.3.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 p5-IO-Socket-SSL<1.26 remote-security-bypass http://secunia.com/advisories/35703/ ruby18-actionpack<2.3.2nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 dillo<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294 mysql-server<5.0.67nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446 bugzilla>=3.1.1<3.2.4 remote-security-bypass http://www.bugzilla.org/security/3.2.3/ mimetex<1.71 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 mimetex<1.71 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 isc-dhclient>=4<4.1.0p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 isc-dhcp-client<3.1.2p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 mediawiki>=1.14<1.15.1 cross-site-scripting http://secunia.com/advisories/35818/ htmldoc<1.8.27nb2 remote-system-access http://secunia.com/advisories/35780/ tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347 xmlsec1<1.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 xml-security-c<1.5.1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 mono<2.4.2.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 sun-{jdk,jre}6<6.0.15 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 libmodplug<0.8.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 gst-plugins0.10-bad<0.10.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 gst-plugins0.10-bad<0.10.11 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 wireshark<1.2.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-04.html squid>=3.0<3.0.18 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt squid>=3.1<3.1.0.13 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt pulseaudio<0.9.14nb3 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894 firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-34.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-35.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-36.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-37.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-39.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-40.html wordpress<2.8.2 cross-site-scripting http://wordpress.org/development/2009/07/wordpress-2-8-2/ bind<9.4.3pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.5.0<9.5.1pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.6.0<9.6.1pl1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.3 remote-file-view http://www.djangoproject.com/weblog/2009/jul/28/security/ bash-completion>10<20080705 command-injection http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259987 webkit-gtk<1.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 suse{,32}_libcups<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 suse{,32}_gtk2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265 python24<2.4.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 python25<2.5.4 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 adobe-flash-plugin<10.0.32.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 ns-flash<9.0.246.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 silc-client<1.1.8 arbitrary-code-execution http://www.silcnet.org/docs/changelog/SILC%20Client%201.1.8 wordpress<2.8.3 privilege-escalation http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ apr-util<1.3.9 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 subversion-base<1.6.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 apr<0.9.19 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 apr>=1.0<1.3.8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 GraphicsMagick<1.3.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721 openexr<1.6.1nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722 vlc<0.8.6inb5 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=0.9<0.9.9anb2 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=1.0<1.0.0nb1 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html mplayer<1.0rc10nb14 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 firefox3{,-bin}<3.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404 firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654 fetchmail<6.3.11 spoofing-attacks http://www.fetchmail.info/fetchmail-SA-2009-01.txt sun-{jdk,jre}14<2.22 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}15<5.0.20 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}6<6.0.15 multiple-vulnerabilities http://secunia.com/advisories/36159/ irssi<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 asterisk>=1.6.1<1.6.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2009-004.html kdelibs<3.5.10nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 firefox3{,-bin}<3.0.12 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-38.html firefox3{,-bin}<3.0.13 www-address-spoof http://www.mozilla.org/security/announce/2009/mfsa2009-44.html firefox3{,-bin}<3.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-45.html zope29<2.9.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope210<2.10.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope211<2.11.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope3<3.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope29<2.9.11 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope210<2.10.9 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope211<2.11.4 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope3<3.3.3 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 xerces-c<2.8.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 asterisk>=1.6.1<1.6.1.4 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html asterisk>=1.6.0<1.6.0.13 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html wordpress<2.8.4 bypass-security-check http://wordpress.org/development/2009/08/2-8-4-security-release/ gnutls<2.8.2 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 viewvc<1.0.9 cross-site-scripting http://secunia.com/advisories/36292/ squirrelmail<1.4.20rc2 cross-site-scripting http://www.squirrelmail.org/security/issue/2009-08-12 curl<7.19.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 samba-3.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 p5-Compress-Raw-Bzip2<2.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884 libvorbis<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663 ntop<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732 isc-dhcp-server<3.1.2p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 cogito-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.2<1.2.35 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.0<1.6.0.15 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.1<1.6.1.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html libspf2<1.2.9nb1 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2009/09/08/msg029522.html expat<2.0.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 geeklog<1.5.2.5 remote-security-bypass http://www.geeklog.net/article.php/geeklog-1.6.0sr2 geeklog<1.5.2.5 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.6.0sr1 geeklog<1.5.2.5 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.0sr1 neon<0.28.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473 neon<0.28.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474 squid<2.7.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855 libpurple<2.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 libpurple-2.6.0{,nb[0-9]*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025 libpurple<2.6.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026 ikiwiki<3.1415926 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044 opera<10.0 html-form-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049 wget<1.11.4nb1 ssl-cert-spoofing http://cve.circl.lu/cve/CVE-2009-3490 qt4-libs<4.5.2nb3 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 dnsmasq<2.50 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 dnsmasq<2.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 freeradius<1.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009 libpurple>=2.5.2<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085 libpurple>=2.6.0<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703 apache<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache>=2.2.0<2.2.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache-2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 kdelibs-3.[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 cyrus-imapd<2.2.13p1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 dovecot-sieve<1.1.7 arbitrary-code-execution http://www.dovecot.org/list/dovecot-news/2009-September/000135.html slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159 slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160 seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html thunderbird{,-gtk1}<2.0.0.23 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox<3.5.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xulrunner<1.9.1.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html firefox3<3.0.14 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xapian-omega<1.0.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947 bugzilla<3.2.5 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 rt<3.8.5 script-insertion http://secunia.com/advisories/36752/ wireshark<1.0.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-05.html wireshark<1.2.2 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-06.html vlc<1.0.2 arbitrary-code-execution http://secunia.com/advisories/36762/ ffmpeg<20090611nb4 heap-overflow http://secunia.com/advisories/36760/ ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4631 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4632 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4633 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4637 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4638 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4640 php<5.2.11 multiple-vulnerabilities http://www.php.net/releases/5_2_11.php nginx<0.5.38 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.15 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx<0.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.6<0.6.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.7<0.7.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.8<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 fprot-workstation-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal>5<5.20 multiple-vulnerabilities http://drupal.org/node/579482 drupal>6<6.14 multiple-vulnerabilities http://drupal.org/node/579482 newt<0.52.11 denial-of-service http://secunia.com/advisories/36810/ merkaartor<0.15 privilege-escalation http://secunia.com/advisories/36897/ nginx<0.7.63 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 nginx>=0.8<0.8.17 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 samba<3.0.37 information-disclosure http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 samba<3.0.37 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 samba<3.0.37 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 snort<2.8.5 denial-of-service http://secunia.com/advisories/36808/ thin<1.2.4 source-address-spoofing http://secunia.com/advisories/36825/ apache>=2.0<2.0.64 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache>=2.2.0<2.2.13nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache<1.3.42 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 tkman-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 horde<3.3.5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236 horde<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237 glib2<2.2.21 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289 puppet<0.24.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 aria2<1.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 unbound<1.3.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602 py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940 gd<2.0.35nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 php5-gd<5.2.11nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 typo3<4.2.10 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/ asterisk>=1.6.1<1.6.1.8 security-restrictions-bypass http://downloads.digium.com/pub/security/AST-2009-007.html wireshark<1.2.3 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-07.html firefox3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox<3.5.4 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-52.html firefox<3.5.4 insecure-temp-files http://www.mozilla.org/security/announce/2009/mfsa2009-53.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-54.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html firefox<3.5.4 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-57.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html firefox<3.5.4 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-60.html firefox<3.5.4 local-filename-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-61.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html xulrunner<1.9.1.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 proftpd<1.3.3 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639 bftpd<2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593 opera<10.01 multiple-vulnerabilities http://secunia.com/advisories/37182/ acroread7<7.1.4 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html acroread8<8.1.7 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html wordpress<2.8.5 denial-of-service http://secunia.com/advisories/37088/ squidGuard<1.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700 squidGuard-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826 snort<2.8.5.1 denial-of-service http://secunia.com/advisories/37135/ p5-HTML-Parser<3.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627 seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html asterisk<1.2.35 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.0<1.6.0.17 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 cross-site-scripting http://downloads.digium.com/pub/security/AST-2009-009.html roundcube<0.3 cross-site-request-forgery http://secunia.com/advisories/37235/ openssl<0.9.8l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 sun-{jdk,jre}14-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnutls<2.10.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 libwww<5.4.0nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 opera<10.10 multiple-vulnerabilities http://secunia.com/advisories/37469/ mysql-server<5.0.88 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 mysql-client<5.0.88 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 php<5.2.11nb2 multiple-vulnerabilities http://secunia.com/advisories/37412/ php5-pear-Mail<1.1.14nb2 security-bypass http://secunia.com/advisories/37410/ opera<10.10 arbitrary-code-execution http://secunia.com/advisories/37431/ suse{,32}_openssl<11.3 session-hijack http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html cups<1.4.3 denial-of-service http://secunia.com/advisories/37364/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37348/ qt4-libs<4.5.3 multiple-vulnerabilities http://secunia.com/advisories/37396/ mpop<1.0.19 spoofing-attacks http://secunia.com/advisories/37312/ cups<1.4.2 cross-site-scripting http://secunia.com/advisories/37308/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37232/ libexif-0.6.18 denial-of-service http://secunia.com/advisories/37378/ wordpress<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/37332/ bind>=9.0<9.4.3pl5 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.5<9.5.2pl2 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.6<9.6.1pl3 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 libltdl<2.2.6b privilege-escalation http://secunia.com/advisories/37414/ ruby18-actionpack<2.3.5 cross-site-scripting http://secunia.com/advisories/37446/ kdelibs<3.5.10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 kdelibs>4<4.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 rt<3.8.6 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585 asterisk<1.2.37 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.0<1.6.0.19 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.1<1.6.1.11 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html sun-{jre,jdk}14<2.24 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}15<5.0.22 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}6<6.0.17 multiple-vulnerabilities http://secunia.com/advisories/37231/ libvorbis<1.2.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 apr<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699 vmware-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vmware-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin<2.11.9.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696 phpmyadmin<2.11.9.6 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 poppler-glib<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 transfig<3.2.5nb2 arbitrary-code-execution http://secunia.com/advisories/37577/ xfig<3.2.5bnb5 arbitrary-code-execution http://secunia.com/advisories/37571/ libpurple<2.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 automake<1.11.1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 automake14<1.4.6nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 centerim<4.22.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 devIL<1.7.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994 ntp<4.2.4p8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.6 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html firefox<3.5.6 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-69.html firefox<3.5.6 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-70.html firefox<3.5.6 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-71.html xulrunner<1.9.1.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 seamonkey<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1 drupal>5<5.21 cross-site-scripting http://drupal.org/node/661586 drupal>6<6.15 cross-site-scripting http://drupal.org/node/661586 typolight<2.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight26<2.6.7nb3 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight27<2.7.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight28<2.8rc2 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html coreutils<6.12nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135 wireshark<1.2.5 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-09.html gtk2+>2<2.18.5 denial-of-service https://bugzilla.gnome.org/show_bug.cgi?id=598476 ghostscript<8.70nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 php<5.2.11nb2 arbitrary-fifo-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 php<5.2.12 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 php<5.2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 horde<3.3.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701 kdegraphics<4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 kdelibs<3.5.10nb5 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt kdelibs>4<4.3.3 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt proftpd<1.3.2c man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread7-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread8-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html sunbird-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 spamassassin>=3.2.0<3.2.5nb4 denial-of-service https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269 qt4-libs<4.5.3nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816 qt4-libs<4.5.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384 xmlsec1<1.2.14 privilege-escalation http://secunia.com/advisories/37615/ adobe-flash-plugin<10.0.42.34 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html ns-flash<9.0.260 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html webmin<1.500 cross-site-scripting http://secunia.com/advisories/37648/ kdegraphics-3.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 ampache<3.5.3 remote-security-bypass http://secunia.com/advisories/37867/ trac<0.11.6 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 ja-trac<0.11.5pl1nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 php{5,53,54,55}-jpgraph-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422 openttd<0.7.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007 libpurple<2.6.5 remote-information-exposure http://secunia.com/advisories/37953/ ruby18-base<1.8.7.174nb3 escape-sequence-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492 typo3<4.3.1 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ libthai<0.1.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012 powerdns-recursor<3.1.7.2 arbitrary-code-execution http://doc.powerdns.com/powerdns-advisory-2010-01.html powerdns-recursor<3.1.7.2 spoofing-attacks http://doc.powerdns.com/powerdns-advisory-2010-02.html Transmission<1.77 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012 openssl<0.9.8lnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 tnftpd<20091122 denial-of-service http://secunia.com/advisories/38098/ cherokee<0.99.32 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 phpmyadmin<2.11.10 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 lib3ds<2.0rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280 tor<0.2.1.22 sensitive-information-exposure http://secunia.com/advisories/38198/ gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624 gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 apache-tomcat<5.5.29 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat<5.5.29 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat<5.5.29 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 apache-tomcat>=6<6.0.21 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat>=6<6.0.21 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat>=6<6.0.21 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 zope29<2.9.12 cross-site-scripting http://secunia.com/advisories/38007/ zope210<2.10.11 cross-site-scripting http://secunia.com/advisories/38007/ zope211<2.11.6 cross-site-scripting http://secunia.com/advisories/38007/ mit-krb5<1.4.2nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 acroread7-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread8-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread8-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages maildrop<2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301 wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-01.html wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-02.html apache<1.3.42 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 ircd-hybrid<7.2.3nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016 fuse>=2.0<2.8.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 samba<3.3.10 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 squid<2.7.7nb2 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.0<3.0.23 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.1<3.1.0.16 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt apache-1.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages puppet<0.24.9 local-file-write https://bugzilla.redhat.com/show_bug.cgi?id=502881 php5-pear-DB<1.7.8 sql-injection http://secunia.com/advisories/20231/ lighttpd<1.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295 fetchmail<6.3.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562 gmime<2.2.25nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime24<2.4.15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 GraphicsMagick<1.3.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 asterisk>=1.6.1<1.6.1.14 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html asterisk>=1.6.2<1.6.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html squid<2.7.7nb3 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt squid>=3.0<3.0.24 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt mysql-server>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 RealPlayerGold<11.0.2 multiple-vulnerabilities http://service.real.com/realplayer/security/01192010_player/en/ bugzilla-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.2.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989 typo3<4.3.2 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/ ejabberd<2.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 nss<3.12.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 samba<3.3.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294 gnome-screensaver<2.28.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414 opera<10.50 man-in-the-middle-attack http://secunia.com/advisories/38546/ netpbm<10.35.72 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274 openoffice2{,-bin}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669 adobe-flash-plugin<10.0.45.2 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html ns-flash<9.0.262 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html sudo>=1.6.9<1.7.2p4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 sudo-1.6.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 openoffice2-bin-[0-9]* signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice3-bin<3.2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice2{,-bin}-[0-9]* remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice3{,-bin}<3.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 curl>=7.10.5<7.20.0 denial-of-service http://secunia.com/advisories/38427/ dillo<2.2 sensitive-information-exposure http://secunia.com/advisories/38569/ gnome-screensaver<2.28.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 pidgin<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 asterisk>=1.6.1<1.6.1.17 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html asterisk>=1.6.2<1.6.2.5 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html firefox>=3.5<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html xulrunner<1.9.1.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html php<5.2.13 remote-security-bypass http://secunia.com/advisories/38708/ gnome-screensaver<2.28.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641 openldap-client<2.4.18 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 drupal>5<5.22 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.16 multiple-vulnerabilities http://drupal.org/node/731710 png<1.2.43 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 cups<1.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393 mediawiki<1.15.2 security-restrictions-bypass http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html opera<10.51 arbitrary-code-execution http://secunia.com/advisories/38820/ apache>=2.2<2.2.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 apache>=2.2<2.2.15 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 apache-2.0.[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 dovecot>=1.2<1.2.11 denial-of-service http://www.dovecot.org/list/dovecot-news/2010-March/000152.html gtar-base<1.23 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 gcpio<2.6nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 vlc<1.0.6 arbitrary-code-execution http://secunia.com/advisories/38853/ lshell<0.9.10 security-bypass http://secunia.com/advisories/38879/ samba<3.3.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 spamass-milter<0.3.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132 viewvc<1.0.10 cross-site-scripting http://secunia.com/advisories/38895/ unbound<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969 ikiwiki<3.20100312 cross-site-scripting http://secunia.com/advisories/38983/ Transmission<1.92 remote-system-access http://secunia.com/advisories/39031/ seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html seamonkey{,-bin}<1.1.19 remote-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2010-06.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-07.html m4<1.4.14 insecure-file-permissions http://secunia.com/advisories/38707/ nss<3.12.3 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html nss<3.12.3 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html openssl<0.9.8mnb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 spice-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dpkg<1.14.29 remote-manipulation-data http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396 heimdal<1.3.2 denial-of-service http://secunia.com/advisories/39037/ openssl<0.9.8mnb2 denial-of-service http://www.openssl.org/news/secadv_20100324.txt php5-xmlrpc<5.2.13nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 php53-xmlrpc<5.3.2nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 pango<1.26.2nb2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0421 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123 ctorrent-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ctorrent-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 sun-{jre,jdk}6<6.0.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 firefox<3.6.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-25.html libnids<1.24 denial-of-service http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828 firefox<3.0.19 arbitrary-code-execution http://secunia.com/advisories/39240/ firefox<3.5.9 arbitrary-code-execution http://secunia.com/advisories/39136/ seamonkey{,-bin}<2.0.4 arbitrary-code-execution http://secunia.com/advisories/39243/ trac<0.11.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2010-5108 ja-trac<0.11.7pl1 security-bypass http://secunia.com/advisories/39123/ viewvc<1.0.11 cross-site-scripting http://secunia.com/secunia_research/2010-26/ thunderbird<3.0.4 arbitrary-code-execution http://secunia.com/advisories/39242/ expat<2.0.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 typo3>=4.3.0<4.3.3 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/ hamlib<1.2.11 privilege-escalation http://secunia.com/advisories/39299/ kdebase<4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 kdebase-workspace<4.3.5nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 sun-{jre,jdk}6<6.0.20 arbitrary-code-execution http://www.kb.cert.org/vuls/id/886582 teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 dvipsk<5.98nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 sudo<1.7.2p6 arbitrary-command-execution http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html erlang<13.2.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 memcached<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152 clamav<0.96 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 clamav<0.96 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 abcm2ps<5.9.12 remote-system-access http://secunia.com/advisories/39345/ mediawiki<1.15.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150 suse{,32}_openssl<11.3 man-in-the-middle-attack http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html mysql-server>=5.1<5.1.45 denial-of-service http://secunia.com/advisories/39454/ p5-Crypt-OpenSSL-DSA<0.13nb6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129 mit-krb5>=1.7<1.8.2 remote-system-access http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt vlc>0.5<1.0.6 arbitrary-command-execution http://www.videolan.org/security/sa1003.html libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192 libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194 apache-tomcat<5.5.30 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 apache-tomcat>=6<6.0.27 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 smalltalk<3.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 apache-tomcat<6.0.30 cross-site-request-forgery http://secunia.com/advisories/39261/ wordpress-2.* sensitive-information-exposure http://secunia.com/advisories/39040/ gcc44<4.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc34<3.4.6nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc3-java-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 qt4-libs<4.6.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 memcached<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415 postgresql82-server<8.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql83-server<8.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql84-server<8.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 typolight<2.6 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight26<2.6.7nb3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight27<2.7.7 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight28<2.8.3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html fetchmail<6.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 wireshark<1.2.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-04.html dvipng<1.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829 openttd<1.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402 pcre<8.0.2 denial-of-service http://secunia.com/advisories/39738/ gnustep-base<1.20.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620 gnustep-base<1.20.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457 ghostscript<8.71 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869 modular-xorg-server<1.6.5nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166 p5-POE-Component-IRC<6.32 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3438 mysql-server>=5.0<5.0.91 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.1<5.1.47 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.0<5.0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.1<5.1.47 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.0<5.0.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 mysql-server>=5.1<5.1.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 libtheora<1.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389 aria2<1.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512 kdenetwork4<4.3.5nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000 kdenetwork4<4.3.5nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511 libpurple<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 geeklog<1.6.1.1 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.1sr1 mysql-client>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 lftp<4.0.6 security-bypass http://www.ocert.org/advisories/ocert-2010-001.html postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 mit-krb5<1.4.2nb10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 clamav<0.96.1 denial-of-service http://secunia.com/advisories/39895/ libprelude<1.0.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 mediawiki<1.15.4 cross-site-scripting http://secunia.com/advisories/39922/ heimdal<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 html2ps<1.0b6 sensitive-information-exposure http://secunia.com/advisories/39957/ exim<4.72 privilege-escalation http://secunia.com/advisories/40019/ openssl<0.9.8o multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt openssl>=1.0.0<1.0.0a multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt camlimages<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 sudo<1.7.2p7 command-injection http://www.sudo.ws/sudo/alerts/secure_path.html py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 cross-site-scripting http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg abcm2ps<5.9.13 arbitrary-code-execution http://secunia.com/advisories/40033/ gnutls<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239 bftpd<2.9 privilege-escalation http://secunia.com/advisories/40014/ rpm<4.8.1 privilege-escalation http://secunia.com/advisories/40028/ adobe-flash-plugin<10.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa10-01.html freeciv-server<2.2.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445 openoffice3-bin<3.2.1 man-in-the-middle-attack http://www.openoffice.org/security/cves/CVE-2009-3555.html openoffice3{,-bin}<3.2.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2010-0395.html teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 dvipsk<5.98nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39573/ php<5.2.14 multiple-vulnerabilities http://secunia.com/advisories/39675/ php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39675/ wireshark<1.2.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2010-06.html ghostscript<8.71nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 apache>=2.2.9<2.2.15nb3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068 isc-dhcpd<4.1.1p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 tiff<3.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 bozohttpd>=20090522<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 bozohttpd<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 samba<3.0.37nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 samba>=3.3.0<3.3.13 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 plone25-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 plone3-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 opera<10.54 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421 suse{,32}_krb5<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_openssl<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_libpng<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html cups<1.4.3nb6 multiple-vulnerabilities http://cups.org/articles.php?L596 python24-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python25<2.5.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26<2.6.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26-2.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python27<2.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python31<3.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 moodle<1.9.9 cross-site-scripting http://secunia.com/advisories/40248/ firefox<3.6.7 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206 sendmail<8.14.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565 w3m<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 w3m-img<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 unrealircd<3.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893 adobe-flash-plugin<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html adobe-flash-plugin>=10.0<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 irrtoolset-nox11-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}<2.0.5 multiple-vulnerabilities http://secunia.com/advisories/40326/ firefox<3.6.4 multiple-vulnerabilities http://secunia.com/advisories/40309/ thunderbird<3.0.5 multiple-vulnerabilities http://secunia.com/advisories/40323/ bugzilla<3.2.7 security-bypass http://secunia.com/advisories/40300/ konversation<1.2.3 denial-of-service http://secunia.com/advisories/38711/ xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ufoai<2.3 remote-system-access http://secunia.com/advisories/40321/ squirrelmail<1.4.21 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637 tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 png<1.4.3 remote-system-access http://secunia.com/advisories/40302/ suse{,32}_libpng<11.3 remote-system-access http://secunia.com/advisories/40302/ mysql-server>=5.1<5.1.48 denial-of-service http://secunia.com/advisories/40333/ mDNSResponder<108nb2 unknown-impact http://www.vuxml.org/freebsd/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html qt4-libs<4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621 opera<10.60 information-disclosure http://secunia.com/advisories/40375/ tiff<3.9.4nb1 denial-of-service http://secunia.com/advisories/40422/ suse{,32}_libtiff<12.1 denial-of-service http://secunia.com/advisories/40422/ py{15,20,21,22,23,24,25,26,27,31}-Paste<1.7.4 cross-site-scripting http://secunia.com/advisories/40408/ xulrunner<1.9.2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4 php<5.2.14 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 php>=5.3.0<5.3.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 bind>=9.0<9.4.3pl4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.5<9.5.2pl1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.6<9.6.1pl2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 freeciv-server<2.3.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5645 roundup<1.4.14 cross-site-scripting http://secunia.com/advisories/40433/ bogofilter<1.2.2 denial-of-service http://secunia.com/advisories/40427/ avahi<0.6.26 denial-of-service http://secunia.com/advisories/40470/ suse{,32}<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gdk-pixbuf<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libidn<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt3<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_resmgr<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby-base19>=1.9<1.9.1-p429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 gv<3.7.0 privilege-escalation http://secunia.com/advisories/40475/ ghostscript<8.71nb6 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055 bind>=9.7.1<9.7.1pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2010-0213 mono-xsp<2.6.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459 pango<1.27.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421 freetype2<2.4.0 remote-system-access http://secunia.com/advisories/40586/ postgresql8{0,1}{,-server,-client}<8.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070 vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713 openldap-server<2.4.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211 openldap-server<2.4.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212 pulseaudio<0.9.21nb3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299 firefox<3.6.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 xulrunner<1.9.2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 seamonkey<2.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6 thunderbird>=3.1<3.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1 thunderbird<3.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6 ocaml-mysql<1.1.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942 qemu<0.12.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741 libpurple<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 openttd<1.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534 qt4-libs<4.7.2 denial-of-service http://secunia.com/advisories/40588/ squirrelmail<1.4.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813 php<5.2.14 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 php>=5.3.0<5.3.3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 dovecot>=1.2<1.2.13 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2010-July/000163.html apache>=2.0<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 apache>=2.2<2.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 typo3<4.3.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ typo3>=4.4.0<4.4.1 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ gnupg2<2.0.14nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 bozohttpd<20100621 remote-security-bypass http://secunia.com/advisories/40737/ mediawiki<1.15.5 multiple-vulnerabilities http://secunia.com/advisories/40740/ firefox<3.6.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-48.html cabextract<1.3 denial-of-service http://secunia.com/advisories/40719/ gdm<2.20.11 information-disclosure https://bugzilla.gnome.org/show_bug.cgi?id=571846 socat<1.7.1.3 remote-system-access http://secunia.com/advisories/40806/ mantis<1.2.2 cross-site-scripting http://secunia.com/advisories/40812/ mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540 wireshark<1.2.10 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2010-08.html citrix_ica<11.100 arbitrary-code-execution http://secunia.com/advisories/40808/ wget<1.12nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252 mantis<1.2.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574 freetype2<2.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 bugzilla-3.0* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla>=2.19.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=2.22rc1<3.2.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.3.1<3.4.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.5.1<3.6.2 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.7<3.7.3 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=2.17.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=2.23.1<3.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.3.1<3.4.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.5.1<3.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.7<3.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 cabextract<1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801 acroread8-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862 openoffice3{,-bin}<3.3 arbitrary-code-execution http://secunia.com/advisories/40775/ openssl<0.9.8onb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 win32-codecs-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40936/ win32-codecs-[0-9]* remote-system-access http://secunia.com/advisories/40934/ glpng<1.46 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1519 dbus-glib<0.88 local-security-bypass http://secunia.com/advisories/40908/ adobe-flash-plugin<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html adobe-flash-plugin>=10.0<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html drupal>5<5.23 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.18 multiple-vulnerabilities http://drupal.org/node/731710 opera<10.61 remote-system-access http://secunia.com/advisories/40120/ ruby18-base<1.8.7.174nb6 cross-site-scripting http://secunia.com/advisories/41003/ ruby{,-base,14,14-base,16,16-base}<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ssmtp<2.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258 openjdk7-icedtea-plugin<1.13 multiple-vulnerabilities http://blog.fuseyism.com/index.php/2010/07/29/icedtea7-113-released/ phpmyadmin<2.11.10.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055 phpmyadmin<2.11.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 PAM<1.1.1 privilege-escalation http://secunia.com/advisories/40978/ mysql-server>=5.1<5.1.49 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html libgdiplus<2.6nb1 remote-system-access http://secunia.com/advisories/40792/ quagga<0.99.17 remote-system-access http://secunia.com/advisories/41038/ squid>=3.1.5.1<3.1.7 denial-of-service http://bugs.squid-cache.org/show_bug.cgi?id=3021 kdegraphics>=4.3.0 remote-system-access http://secunia.com/advisories/40952/ fuse-encfs<1.7 multiple-vulnerabilities http://secunia.com/advisories/41158/ qt4-libs<4.7.0rc1 ssl-certificate-spoofing http://secunia.com/advisories/41236/ nss<3.12.8 ssl-certificate-spoofing http://secunia.com/advisories/41237/ firefox<3.6.11 ssl-certificate-spoofing http://secunia.com/advisories/41244/ koffice-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40966/ p5-libwww<5.835 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253 corkscrew-[0-9]* buffer-overflow http://people.freebsd.org/~niels/issues/corkscrew-20100821.txt mantis<1.2.3 cross-site-scripting http://secunia.com/advisories/41278/ zope210<2.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 zope211<2.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 squid>=3.0<3.1.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_3.txt xulrunner<1.9.2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 firefox<3.6.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 thunderbird>=3.1<3.1.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3 thunderbird<3.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7 seamonkey<2.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7 horde<3.3.9 cross-site-scripting http://secunia.com/advisories/41283/ sudo<1.7.4p4 local-security-bypass http://secunia.com/advisories/41316/ apache-tomcat<5.5.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 apache-tomcat>=6<6.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 mednafen<0.8.13 buffer-overflow http://secunia.com/advisories/41337/ samba>=3.3.0<3.3.14 buffer-overrun http://www.samba.org/samba/security/CVE-2010-3069.html mailscanner-[0-9]* denial-of-service http://secunia.com/advisories/41384/ adobe-flash-plugin<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 ns-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 firefox-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 mailman<2.1.12nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089 python26<2.6.6nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 bozohttpd<20100920 remote-file-view http://eterna.com.au/bozohttpd/ wireshark<1.4.0 denial-of-service http://secunia.com/advisories/41535/ bzip2<1.0.6 remote-system-access http://cve.circl.lu/cve/CVE-2010-0405 clamav<0.96.3 remote-system-access http://secunia.com/advisories/41503/ poppler<0.14.2nb1 remote-system-access http://secunia.com/advisories/41596/ scmgit-base<1.7.0.7 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 dovecot>=1.2.8<1.2.15 weak-acl-enforcement http://www.dovecot.org/list/dovecot-news/2010-October/000177.html imp<4.3.8 cross-site-scripting http://secunia.com/advisories/41627/ bind>=9.7.0<9.7.2pl2 remote-security-bypass http://www.isc.org/software/bind/advisories/cve-2010-0218 py{26,27,34,35,36}-mercurial<1.6.4 remote-spoofing http://secunia.com/advisories/41674/ ffmpeg<20100927 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 gmplayer<1.0rc20100913nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mencoder<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mplayer<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 typo3<4.4.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/ suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 mysql-server<5.1.50 arbitrary-code-execution http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html mysql-server<5.1.51 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 xpdf<3.02pl4nb3 remote-system-access http://secunia.com/advisories/41709/ php<5.2.14nb1 denial-of-service http://secunia.com/advisories/41724/ php>=5.3.0<5.3.3nb1 denial-of-service http://secunia.com/advisories/41724/ opera<10.63 multiple-vulnerabilities http://secunia.com/advisories/41740/ kdegraphics<3.5.10nb9 remote-system-access http://secunia.com/advisories/41727/ sun-j{re,dk}6<6.0.22 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html gnome-subtitles<1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357 postgresql90-plperl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql90-pltcl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-plperl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-pltcl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-plperl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-pltcl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-plperl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-pltcl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages monotone-server<0.48.1 denial-of-service http://secunia.com/advisories/41960/ moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/41980/ libpurple<2.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 firefox<3.6.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 thunderbird<3.1.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 cvs<1.12.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3846 webkit-gtk<1.2.5 multiple-vulnerabilities http://secunia.com/advisories/41871/ freetype2<2.4.3nb1 buffer-overflow http://secunia.com/advisories/41738/ suse{,32}_freetype2<11.3nb2 buffer-overflow http://secunia.com/advisories/44008/ libsmi<0.4.8nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891 python26<2.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 adobe-flash-plugin<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 ns-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 firefox-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 mono<2.8.1 information-disclosure http://secunia.com/advisories/41919/ suse{,32}_freetype2<11.3nb1 arbitrary-code-execution http://secunia.com/advisories/41958/ gnucash<2.2.9nb10 privilege-escalation http://secunia.com/advisories/42048/ proftpd<1.3.3c remote-system-access http://secunia.com/advisories/42052/ PAM<1.1.3 privilege-escalation http://secunia.com/advisories/42088/ bugzilla<3.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.3<3.4.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.5<3.6.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.7<4.0rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=2.12<3.2.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.3<3.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.5<3.6.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7<4.0rc1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7.1<4.0rc1 cross-site-scripting http://secunia.com/advisories/41955/ isc-dhcpd>=4<4.0.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.1<4.1.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.2<4.2.0p1 denial-of-service http://secunia.com/advisories/42082/ acroread8-[0-9]* arbitrary-code-execution http://secunia.com/advisories/42095/ acroread9<9.4.1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb10-28.html mysql-server<5.1.52 denial-of-service http://secunia.com/advisories/42097/ cups<1.4.3nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 php>=5.3.0<5.3.3nb1 sensitive-information-exposure http://secunia.com/advisories/42135/ seamonkey<2.0.9 multiple-vulnerabilities http://secunia.com/advisories/41923/ mono<2.8nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159 wireshark<1.4.2 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2010-14.html openssl<0.9.8p remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 eclipse-[0-9]* cross-site-scripting http://secunia.com/advisories/42236/ ap{2,22}-fcgid<2.3.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 libtlen<20041113nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 horde<3.3.11 cross-site-scripting http://secunia.com/advisories/42355/ libxml2<2.7.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 openttd>=1.0.0<1.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168 RealPlayerSP>=12.0.0<14.0.1 remote-system-access http://secunia.com/advisories/42203/ xine-lib<1.1.19 arbitrary-code-execution http://secunia.com/advisories/42359/ phpmyadmin<2.11.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php mit-krb5<1.4.2nb11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324 suse{,32}_krb5<11.3nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020 wordpress<3.0.2 remote-data-manipulation http://secunia.com/advisories/42431/ clamav<0.96.5 denial-of-service http://secunia.com/advisories/42426/ openssl<0.9.8q information-disclosure http://www.openssl.org/news/secadv_20101202.txt bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 gnash<0.8.9 insecure-temp-files http://secunia.com/advisories/42416/ p5-CGI<3.50 http-response-splitting http://secunia.com/advisories/42443/ p5-CGI<3.51 http-header-injection http://secunia.com/advisories/42461/ p5-CGI-Simple<1.113 http-header-injection http://secunia.com/advisories/42460/ xenkernel3<3.1.4nb4 denial-of-service http://secunia.com/advisories/42395/ xenkernel33<3.3.2nb1 denial-of-service http://secunia.com/advisories/42395/ mit-krb5<1.4.2nb11 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 p5-IO-Socket-SSL<1.35 security-bypass http://secunia.com/advisories/42508/ ImageMagick<6.6.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167 thunderbird<3.1.7 multiple-vulnerabilities http://secunia.com/advisories/42519/ seamonkey<2.0.11 multiple-vulnerabilities http://secunia.com/advisories/42518/ firefox<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/42517/ wordpress<3.0.3 security-bypass http://secunia.com/advisories/42553/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/40165/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/41706/ suse{,32}_libxml2<11.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 RealPlayerGold<11.0.2.2315 multiple-vulnerabilities http://secunia.com/advisories/38550/ phpmyadmin<2.11.11.1nb1 ui-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480 phpmyadmin<2.11.11.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481 dbus<1.2.4.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 xulrunner<1.9.2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13 php5-intl<5.2.15.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 php53-intl<5.3.4.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 typo3<4.4.5 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ fontforge<20100501nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259 echoping-[0-9]* remote-system-access http://secunia.com/advisories/42619/ xfig<3.2.5bnb9 remote-system-access https://bugzilla.redhat.com/show_bug.cgi?id=659676 mantis<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42597/ opensc<0.11.13nb1 local-system-access http://secunia.com/advisories/42658/ pcsc-lite<1.5.5nb2 remote-system-access http://secunia.com/advisories/42659/ gitweb<1.7.3.4 cross-site-scripting http://secunia.com/advisories/42645/ opera<11.0 multiple-vulnerabilities http://secunia.com/advisories/42653/ tor<0.2.1.28 remote-system-access http://secunia.com/advisories/42536/ mhonarc<2.6.16nb1 cross-site-scripting http://secunia.com/advisories/42694/ calibre<0.7.35 multiple-vulnerabilities http://secunia.com/advisories/42689/ py{15,20,21,22,23,24,25,26,27,31}-django<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42715/ libpurple>=2.7.6<2.7.9 remote-denial-of-service http://www.pidgin.im/news/security//?id=49 libxml2<2.7.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 suse{,32}_libxml2<11.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 geeklog<1.7.1.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.7.1sr1 wordpress<3.0.4 script-insertion http://wordpress.org/news/2010/12/3-0-4-update/ vlc<1.1.6 denial-of-service http://www.videolan.org/security/sa1007.html wireshark<1.4.2nb1 denial-of-service http://secunia.com/advisories/42767/ mediawiki<1.16.1 cross-site-scripting http://secunia.com/advisories/42810/ ap{2,22}-subversion<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539 subversion-base<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543 typolight28<2.8.4nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 contao29<2.9.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 php<5.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 php>=5.3.0<5.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 dpkg<1.14.31 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679 mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 mono-xsp>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 wireshark<1.4.3 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-02.html sudo>=1.7<1.7.4p5 security-bypass http://www.sudo.ws/sudo/alerts/runas_group_pw.html exim<4.73 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345 asterisk<1.6.2.16.1 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html asterisk>=1.8<1.8.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html p5-Convert-UUlib<1.4 denial-of-service http://secunia.com/advisories/42998/ pango<1.28.3nb2 denial-of-service http://secunia.com/advisories/42934/ fuse>=2.0 denial-of-service http://secunia.com/advisories/42961/ maradns<1.4.06 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 dpkg<1.14.31 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402 suse{,32}_openssl<11.3nb2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 gif2png<2.5.4 remote-system-access http://secunia.com/advisories/42339/ freeradius>2<2.1.10 denial-of-service http://secunia.com/advisories/41621/ mupdf<0.7nb1 remote-system-access http://secunia.com/advisories/43020/ bugzilla<3.2.10 multiple-vulnerabilities http://secunia.com/advisories/43033/ webkit-gtk<1.2.6 multiple-vulnerabilities http://secunia.com/advisories/43086/ ruby1{8,9}-mail<2.2.15 remote-system-access http://secunia.com/advisories/43077/ opera<11.01 multiple-vulnerabilities http://secunia.com/advisories/43023/ awstats<7.0 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 isc-dhcpd<4.1.2p1 denial-of-service http://secunia.com/advisories/43006/ exim<4.74 local-privilege-escalation http://secunia.com/advisories/43101/ vlc<1.1.6nb1 remote-system-access http://www.videolan.org/security/sa1102.html moodle<2.0.2 cross-site-scripting http://secunia.com/advisories/43133/ postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539 bind>=9.5<9.6.3 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record bind>=9.7<9.7.2 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record tsclient-0.[0-9]* remote-system-access http://secunia.com/advisories/43120/ plone25-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 plone3-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 mediawiki<1.16.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047 openssl<0.9.8qnb1 denial-of-service http://www.openssl.org/news/secadv_20110208.txt ruby1{8,9}-actionpack<2.3.11 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby19-railties<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails bind<9.6 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libpurple<2.7.10 information-leak http://www.pidgin.im/news/security/?id=50 cgiirc<0.5.10 cross-site-scripting http://sourceforge.net/mailarchive/message.php?msg_id=27024589 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.5 multiple-vulnerabilities http://www.djangoproject.com/weblog/2011/feb/08/security/ adobe-flash-plugin<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html ns-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html seamonkey-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html firefox-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html wordpress<3.0.5 multiple-vulnerabilities http://wordpress.org/news/2011/02/wordpress-3-0-5/ ffmpeg<20110623.0.7.1 denial-of-service http://secunia.com/advisories/43197/ feh<1.11.2 privilege-escalation http://secunia.com/advisories/43221/ phpmyadmin<2.11.11.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986 phpmyadmin<2.11.11.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987 qemu<0.11.0 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011 apache-tomcat<5.5.33 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=5.5.0<5.5.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 wireshark<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 apache-tomcat>=6<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 apache-tomcat>=6<6.0.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 proftpd<1.3.3d multiple-vulnerabilities http://www.proftpd.org/docs/NEWS-1.3.3d acroread9<9.4.2 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-03.html sun-jre<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449 ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448 php5-zip<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php5-exif<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php53-zip<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php53-exif<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php>=5<5.3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages telepathy-gabble<0.11.7 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000 typo3<4.5 cross-site-request-forgery http://wiki.typo3.org/TYPO3_4.5#Security openldap-server<2.4.24 security-bypass http://secunia.com/advisories/43331/ asterisk<1.6.2.16.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html asterisk>=1.8<1.8.2.4 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html bind>=9.7.1<9.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414 t1lib<5.1.2nb2 arbitrary-code-execution http://secunia.com/advisories/43491/ evince<2.32.0nb4 buffer-overflow https://bugzilla.gnome.org/show_bug.cgi?id=640923 python24-[0-9]* sensitive-information-exposure http://secunia.com/advisories/43463/ python25<2.5.5nb2 sensitive-information-exposure http://secunia.com/advisories/43463/ python26<2.6.6nb6 sensitive-information-exposure http://secunia.com/advisories/43463/ mupdf<0.8 remote-system-access http://secunia.com/advisories/42320/ rt<3.8.9 sensitive-information-exposure http://secunia.com/advisories/43438/ suse{,32}_krb5<11.3nb2 denial-of-service http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ mailman<2.1.14.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707 lft<3.3 unknown-impact http://secunia.com/advisories/43381/ asterisk<1.4.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.6<1.6.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003 avahi<0.6.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002 ruby18-base<1.8.7.370nb2 remote-security-bypass http://secunia.com/advisories/43420/ ruby18-base<1.8.7.334 privilege-escalation http://secunia.com/advisories/43434/ ruby19-base<1.9.2pl180 privilege-escalation http://secunia.com/advisories/43434/ suse{,32}_base<11.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 wireshark<1.4.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713 wireshark<1.4.4 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2011-04.html moodle<1.9.11 multiple-vulnerabilities http://secunia.com/advisories/43570/ pango<1.28.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064 tor<0.2.1.30 denial-of-service http://secunia.com/advisories/43548/ firefox<3.6.14 multiple-vulnerabilities http://secunia.com/advisories/43550/ seamonkey<2.0.12 multiple-vulnerabilities http://secunia.com/advisories/43550/ thunderbird<3.1.8 multiple-vulnerabilities http://secunia.com/advisories/43586/ weechat<0.3.4 spoofing-attack http://secunia.com/advisories/43543/ ap{2,22}-subversion<1.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ openafs<1.4.14 multiple-vulnerabilities http://secunia.com/advisories/43407/ py{24,25,26,27,31}-moin<1.9.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058 postfix<2.7.3 command-injection http://www.kb.cert.org/vuls/id/555316 postfix>=2.8.20100000<2.8.20110115 command-injection http://www.kb.cert.org/vuls/id/555316 TeXmacs-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 patch<2.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651 tiff<3.9.4nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022 suse{,32}_libtiff<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 xulrunner<1.9.2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 unixodbc<2.3.0nb1 remote-system-access http://secunia.com/advisories/43679/ webkit-gtk<1.2.7 multiple-vulnerabilities http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS sun-{jre,jdk}6<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ nagios-base<3.3.1 cross-site-scripting http://secunia.com/advisories/43287/ libpurple<2.7.11 denial-of-service http://secunia.com/advisories/43695/ py{24,25,26,27,31}-feedparser<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/43730/ adobe-flash-plugin<10.2.152.33 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-01.html php5-shmop<5.2.17nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php53-shmop<5.3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php>=5.3<5.3.6 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153 samba-3.0.[0-9]* memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.3.0<3.3.15 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.5.0<3.5.7 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html php{5,53}-pear<1.9.2 privilege-escalation http://pear.php.net/advisory-20110228.txt php{5,53}-pear<1.9.2nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144 cups<1.4.5 multiple-vulnerabilities http://www.cups.org/articles.php?L597 libzip<0.10 denial-of-service http://secunia.com/advisories/43621/ xenkernel33<3.3.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 xenkernel3<3.1.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 openslp<1.2.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675 moodle<2.0.2 multiple-vulnerabilities http://secunia.com/advisories/43570/ vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275 vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276 suse{,32}_gtk2<11.3nb3 denial-of-service http://lists.opensuse.org/opensuse-updates/2011-03/msg00019.html suse{,32}_base<11.3nb4 arbitrary-code-execution https://hermes.opensuse.org/messages/7712778 loggerhead<1.18.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728 python23-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python25<2.5.5nb3 sensitive-information-disclosure http://secunia.com/advisories/43831/ python26<2.6.6nb7 sensitive-information-disclosure http://secunia.com/advisories/43831/ python27<2.7.1nb1 sensitive-information-disclosure http://secunia.com/advisories/43831/ tiff<3.9.4nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 suse{,32}_openssl<11.3nb3 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 fengoffice<1.7.5 cross-site-scripting http://secunia.com/advisories/43912/ xmlsec1<1.2.17 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425 gdm>=2.28.0<2.32.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727 suse{,32}_krb5<11.3nb3 arbitrary-code-execution http://secunia.com/advisories/44027/ xymon<4.3.2 cross-site-scripting http://secunia.com/advisories/44036/ perl<5.12.2nb2 remote-security-bypass http://secunia.com/advisories/43921/ erlang<14.1.2 remote-system-access http://secunia.com/advisories/43898/ pure-ftpd<1.0.30 remote-data-manipulation http://secunia.com/advisories/43988/ ruby1{8,9}-rack<1.1.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-rack>=1.2.0<1.2.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-actionpack>=3.0<3.0.6 cross-site-scripting http://weblog.rubyonrails.org/2011/4/6/rails-3-0-6-has-been-released xrdb<1.0.9 privilege-escalation http://secunia.com/advisories/44040/ libvpx<0.9.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489 isc-dhclient<4.2.1p1 remote-system-access http://secunia.com/advisories/44037/ libmodplug<0.8.8.2 remote-system-access http://secunia.com/advisories/44054/ roundcube<0.5.1 remote-security-bypass http://secunia.com/advisories/44050/ rsync<3.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097 wordpress<3.1.1 multiple-vulnerabilities http://secunia.com/advisories/44038/ suse{,32}_gtk2<11.3nb2 local-security-bypass http://secunia.com/advisories/43933/ dhcpcd<5.2.12 remote-system-access http://secunia.com/advisories/44070/ tinyproxy<1.8.3 remote-security-bypass http://secunia.com/advisories/43948/ ikiwiki<3.20110328 script-insertion http://secunia.com/advisories/44137/ kdelibs4<4.5.5nb2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168 xulrunner<1.9.2.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html firefox<3.6.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html vlc<1.1.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684 mediawiki<1.16.3 multiple-vulnerabilities http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html mediawiki<1.16.4 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000097.html mediawiki<1.16.5 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html mit-krb5<1.8.3nb5 denial-of-service http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-004.txt vsftpd<2.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762 php<5.3.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 opera<11.10 denial-of-service http://www.securityfocus.com/bid/46872 rt<3.8.11 multiple-vulnerabilities http://secunia.com/advisories/44189/ wireshark<1.4.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-06.html adobe-flash-plugin<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 ns-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 seamonkey-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 firefox-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 kdenetwork4<4.5.5nb3 remote-system-access http://secunia.com/advisories/44124/ xfce4-thunar>=1.1<1.2.1 remote-system-access http://secunia.com/advisories/44104/ p5-Jifty-DBI<0.68 remote-data-manipulation http://secunia.com/advisories/44224/ p5-Mojolicious<1.16 sensitive-information-exposure http://secunia.com/advisories/44051/ rdesktop<1.7.0 remote-system-access http://secunia.com/advisories/44200/ webmin<1.550 privilege-escalation http://secunia.com/advisories/44263/ wordpress<3.1.2 remote-security-bypass http://secunia.com/advisories/44372/ suse{,32}_base<12.1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1071.html suse{,32}_base<12.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659 php>=5.3<5.3.13nb2 arbitrary-code-execution http://secunia.com/advisories/44335/ ffmpeg<20110626.0.6.3 denial-of-service http://secunia.com/advisories/44378/ xulrunner<1.9.2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox<3.6.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox>=4<4.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 seamonkey<2.0.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14 thunderbird<3.1.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10 xulrunner>=2<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 bind>=9.8.0<9.8.0pl1 denial-of-service https://www.isc.org/CVE-2011-1907 mysql-server<5.0.91 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html mysql-server<5.0.92 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html mysql-server<5.0.93 denial-of-service http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html postfix<2.8.3 denial-of-service http://www.postfix.org/CVE-2011-1720.html ampache-[0-9]* cross-site-scripting http://secunia.com/advisories/44497/ xentools33<3.3.2nb7 multiple-vulnerabilities http://secunia.com/advisories/44502/ xentools41<4.1.0nb4 multiple-vulnerabilities http://secunia.com/advisories/44502/ suse{,32}_gtk2<11.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764 php<5.1.3 multiple-vulnerabilities http://secunia.com/advisories/18694/ wordpress<3.1.3 remote-system-access http://secunia.com/advisories/44409/ apr<0.9.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 apr>=1.0<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/ horde>=4<4.0.2 multiple-vulnerabilities http://secunia.com/advisories/44408/ simgear-[0-9]* denial-of-service http://secunia.com/advisories/44434/ vino<2.28.3 denial-of-service http://secunia.com/advisories/44463/ libmodplug<0.8.8.3 remote-system-access http://secunia.com/advisories/44388/ cyrus-imapd<2.3.16nb4 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 cyrus-imapd>=2.4<2.4.7 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 adobe-flash-plugin<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ ns-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ seamonkey-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ firefox-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ tor<0.2.1.29 multiple-vulnerabilities http://secunia.com/advisories/42907/ openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 p5-Jifty-DBI<0.68 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2011-1933s p5-libwww<6.00 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633 dovecot<1.2.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 dovecot>=2<2.0.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 viewvc<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024 apr<1.4.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 openssl<0.9.8qnb3 sensitive-information-exposure http://secunia.com/advisories/44572/ opera<11.11 arbitrary-code-execution http://secunia.com/advisories/44611/ moodle<2.0.3 multiple-vulnerabilities http://secunia.com/advisories/44630/ qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751 php53-pdo_mysql<5.3.6 sql-injection http://bugs.php.net/bug.php?id=47802 php5-pdo_mysql-[0-9]* sql-injection http://bugs.php.net/bug.php?id=47802 dirmngr<1.1.0nb2 denial-of-service http://secunia.com/advisories/44680/ bind<9.6.3.1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.7.0<9.7.3pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.8.0<9.8.0pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 drupal<6.21 multiple-vulnerabilities http://drupal.org/node/1168756 ruby18-base<1.8.7.334nb3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml fetchmail<6.3.20 denial-of-service http://www.fetchmail.info/fetchmail-SA-2011-01.txt wireshark<1.4.7 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-08.html ejabberd<2.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753 jabberd<1.4.2nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754 jabberd>=2<2.2.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755 libxml2<2.7.8nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 ap{2,22}-subversion<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1752-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1783-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1921-advisory.txt unbound<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008 cherokee<1.2.99 cross-site-request-forgery http://secunia.com/advisories/44821/ asterisk>=1.8<1.8.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216 adobe-flash-plugin<10.3.181.22 cross-site-scripting http://www.adobe.com/support/security/bulletins/apsb11-13.html lua-expat<1.2.0 denial-of-service http://secunia.com/advisories/44866/ prosody<0.8.1 denial-of-service http://secunia.com/advisories/44852/ sun-{jre,jdk}6<6.0.26 multiple-vulnerabilities http://secunia.com/advisories/44784/ p5-Data-FormValidator-[0-9]* sensitive-information-exposure http://secunia.com/advisories/44832/ ruby1{8,9}-actionpack>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk<1.6.2.17.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk>=1.8<1.8.3.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk<1.6.2.17.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.3.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.4.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-007.html tiff<3.9.5 multiple-vulnerabilities http://www.remotesensing.org/libtiff/v3.9.5.html dbus<1.2.4.6nb4 denial-of-service http://secunia.com/advisories/44896/ open-vm-tools-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43798/ vte<0.26.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198 php<5.2.17nb4 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 php>=5.3<5.3.6nb2 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 vlc<1.1.10 remote-system-access http://secunia.com/advisories/44412/ png>=1.2.23<1.5.3rc02 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 pngcrush<1.7.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 perl<5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761 erlang<14.1.3 denial-of-service http://www.erlang.org/download/otp_src_R14B03.readme php<5.2.17nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 php>=5.3<5.3.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 adobe-flash-plugin<10.3.181.26 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb11-18.html suse{,32}_openssl<11.3nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2011-1945.html tomboy<1.2.1nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005 opera<11.50 denial-of-service http://www.securityfocus.com/bid/48262 ruby1{8,9}-actionpack<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ fabric<1.1.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185 firefox>=4<5.0 sensitive-information-exposure http://secunia.com/advisories/44972/ groff<1.20.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044 postgresql84-pgcrypto<8.4.9 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 postgresql90-pgcrypto<9.0.5 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 php>=5.3<5.3.6nb4 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 john<1.7.6nb1 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 firefox<3.6.18 multiple-vulnerabilities http://secunia.com/advisories/44982/ thunderbird<3.1.11 multiple-vulnerabilities http://secunia.com/advisories/44982/ libreoffice3-bin<3.3.3 arbitrary-code-execution http://www.kb.cert.org/vuls/id/953183 asterisk>=1.6<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-009.html asterisk>=1.6.2.15<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html curl>=7.10.6<7.21.7 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 suse{,32}_libcurl<12.1 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 pidgin<2.9.0 denial-of-service http://www.pidgin.im/news/security/?id=52 seamonkey<2.2 sensitive-information-exposure http://secunia.com/advisories/45007/ apache-tomcat>=5.5<5.5.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 apache-tomcat>=6<6.0.33 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 opera<11.50 multiple-vulnerabilities http://secunia.com/advisories/45060/ plone3-[0-9]* privilege-escalation http://plone.org/products/plone/security/advisories/20110622 drupal-5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<3.1.4 remote-security-bypass http://secunia.com/advisories/45099/ wireshark<1.4.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-09.html asterisk>=1.6.2<1.6.2.18.2 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html asterisk>=1.8<1.8.4.4 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html amaya<11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005 {firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.4pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.7.0<9.7.3pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2465 mit-krb5-appl<1.0.1nb1 remote-system-access http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-005.txt qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2212 qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527 xml-security-c<1.6.1 denial-of-service http://secunia.com/advisories/45151/ zope210<2.10.13 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 zope211<2.11.8 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 freetype2<2.4.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226 suse{,32}_freetype2<11.3nb3 remote-system-access http://support.novell.com/security/cve/CVE-2011-0226.html squirrelmail<1.4.22 multiple-vulnerabilities http://secunia.com/advisories/45197/ libsndfile<1.0.24nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588 apache-tomcat<5.5.34 denial-of-service http://secunia.com/advisories/45232/ apache-tomcat>=6<6.0.33 denial-of-service http://secunia.com/advisories/45232/ foomatic-filters>=4<4.0.6nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 foomatic-filters<4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 ioquake3<1.36.20200125 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 phpmyadmin<3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97.2 denial-of-service http://secunia.com/advisories/45382/ kdeutils-[0-9]* directory-traversal http://secunia.com/advisories/45378/ kdeutils4-[0-9]* directory-traversal http://secunia.com/advisories/45378/ freeradius-2.1.11 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701 opensaml<2.4.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411 sun-{jre,jdk}6-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/ suse{,32}_libxml2<11.3nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1944.html samba<3.3.16 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba<3.3.16 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html samba>=3.5.0<3.5.10 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba>=3.5.0<3.5.10 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html libsoup24<2.34.2nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524 suse{,32}_base<11.3nb5 remote-system-access http://lists.opensuse.org/opensuse-updates/2011-07/msg00041.html mapserver<5.6.7 remote-system-access http://secunia.com/advisories/45257/ libmodplug<0.8.8.4 remote-system-access http://secunia.com/advisories/45131/ bugzilla<3.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.4.11 multiple-vulnerabilities http://secunia.com/advisories/45501/ suse{,32}_gtk2<11.3nb5 denial-of-service http://secunia.com/advisories/45308/ gdk-pixbuf<0.22.0nb15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897 typo3<4.5.4 multiple-vulnerabilities http://secunia.com/advisories/45557/ moodle<2.1.1 remote-security-bypass http://secunia.com/advisories/45487/ ffmpeg<20110907.0.7.4 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html mplayer<1.0rc20100913nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362 libXfont<1.4.4 privilege-escalation http://secunia.com/advisories/45544/ adobe-flash-plugin<10.3.183.5 remote-system-access http://www.adobe.com/support/security/bulletins/apsb11-21.html isc-dhcpd<4.2.2 denial-of-service http://secunia.com/advisories/45582/ mplayer<1.0rc20100913nb8 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3625 gimp<2.6.11nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 stunnel<4.42 remote-code-execution http://stunnel.org/?page=sdf_ChangeLog thunderbird<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-31.html firefox{,-bin}<3.6.20 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-30.html firefox{,-bin}>=4<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-29.html seamonkey{,-bin}<2.3 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-33.html libpurple<2.10.0 multiple-vulnerabilities http://pidgin.im/news/security/ pidgin<2.10.0 unsafe-file-execution http://pidgin.im/news/security/?id=55 suse{,32}_libpng<11.3nb2 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2011-08/msg00026.html gdk-pixbuf2<2.22.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 roundcube<0.5.4 cross-site-scripting http://secunia.com/advisories/45605/ php-5.3.7 remote-security-bypass http://secunia.com/advisories/45678/ ruby1{8,9}-actionpack>=3.0<3.0.10 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929 ruby1{8,9}-activerecord>=3.0<3.0.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-activerecord<2.3.14 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby1{8,9}-actionpack<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby18-activesupport>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby18-activesupport<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby1{8,9}-actionpack<2.3.14 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186 apache>=2.0<2.0.64nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 apache>=2.2<2.2.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 RealPlayerGold-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin>=3.3.0<3.4.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php cups<1.4.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 cups<1.4.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170 squid>=3.0<3.1.15 remote-system-access http://www.squid-cache.org/Advisories/SQUID-2011_3.txt apache-tomcat<5.5.34 remote-security-bypass http://secunia.com/advisories/45748/ apache-tomcat>=6<6.0.34 remote-security-bypass http://secunia.com/advisories/45748/ opera<11.51 multiple-vulnerabilities http://secunia.com/advisories/45791/ xenkernel33<3.3.2nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel3<3.1.4nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/45622/ openttd<1.1.3 multiple-vulnerabilities http://secunia.com/advisories/45832/ mantis<1.2.8 multiple-vulnerabilities http://secunia.com/advisories/45829/ firefox<6.0.1 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox36<3.6.21 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html thunderbird<3.1.13 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html seamonkey<2.3.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox<6.0.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html firefox36<3.6.22 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html thunderbird<3.1.14 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html seamonkey<2.3.3 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html openssl<0.9.8s denial-of-service http://www.openssl.org/news/secadv_20110906.txt wireshark<1.6.2 multiple-vulnerabilities http://web.nvd.nist.gov/view/vuln/detail?vulnId=2011-3266 librsvg<2.34.1 denial-of-service http://secunia.com/advisories/45877/ cyrus-imapd>=2.2<2.3.17 buffer-overflow http://secunia.com/advisories/45938/ cyrus-imapd>=2.4<2.4.11 buffer-overflow http://secunia.com/advisories/45938/ p5-FCGI>=0.70<0.74 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 typo3<4.5.6 sql-injection http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/ typo3<4.5.6 denial-of-service http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/ phpmyadmin>=3.4.0<3.4.5 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php evolution-data-server<3.1.1 remote-information-exposure http://secunia.com/advisories/45941/ openvas-server-[0-9]* local-privilege-escalation http://secunia.com/advisories/45836/ acroread9<9.4.6 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-24.html swi-prolog-packages<5.11.18nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 firefox<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 firefox36<3.6.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23 thunderbird<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7 seamonkey<2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4 quagga<0.99.19 denial-of-service http://secunia.com/advisories/46139/ etherape<0.9.12 denial-of-service http://sourceforge.net/mailarchive/message.php?msg_id=27582286 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-26.html ffmpeg<20111002.0.7.6 remote-system-access http://secunia.com/advisories/46134/ ffmpeg<20111002.0.7.6 multiple-vulnerabilities http://secunia.com/advisories/46245/ ldns<1.6.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3581 php<5.3.8nb1 remote-system-access http://secunia.com/advisories/46107/ awstats<7.0nb3 cross-site-scripting http://secunia.com/advisories/46160/ libpurple<2.10.1 unknown-impact http://developer.pidgin.im/ticket/14636 cyrus-imapd>=2.2<2.3.18 security-bypass http://secunia.com/advisories/46093/ cyrus-imapd>=2.4<2.4.12 security-bypass http://secunia.com/advisories/46093/ kdelibs4<.5.5nb8 spoofing-attack http://secunia.com/advisories/46157/ p5-Crypt-DSA<1.17 security-bypass http://secunia.com/advisories/46275/ vlc<1.1.11nb2 denial-of-service http://www.videolan.org/security/sa1107.html puppet-[0-9]* local-system-compromise http://secunia.com/advisories/46223/ ruby1{8,9,93}-puppet<2.7.4 local-system-compromise http://secunia.com/advisories/46223/ puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46286/ ruby1{8,9,93}-puppet<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/46286/ apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 apache>=2.2<2.2.21nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 xpdf<3.03 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES typolight28<2.8.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao29<2.9.5nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao210<2.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 qemu<0.15.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3346 png>=1.5.4<1.5.5 denial-of-service http://secunia.com/advisories/46148/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/46105/ xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/46105/ perl<5.14.2 remote-system-access http://secunia.com/advisories/46172/ p5-Digest<1.17 remote-system-access http://secunia.com/advisories/46279/ perl<5.14.2nb1 remote-system-access http://secunia.com/advisories/46299/ phppgadmin<5.0.2 code-injection http://archives.postgresql.org/pgsql-announce/2010-11/msg00021.php phppgadmin<5.0.3 cross-site-scripting http://secunia.com/advisories/46248/ geeklog<1.8.1 cross-site-scripting http://secunia.com/advisories/46348/ opera<11.52 remote-system-access http://secunia.com/advisories/46375/ logsurfer<1.8 command-injection http://seclists.org/oss-sec/2011/q4/81 asterisk>=1.8<1.8.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-012.html psi-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/46349/ phpmyadmin<3.4.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php clamav<0.97.3 denial-of-service http://secunia.com/advisories/46455/ suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3207.html suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3210.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3193.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3194.html qt4-libs<4.7.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193 qt4-tiff<4.7.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 moodle<2.1.2 multiple-vulnerabilities http://secunia.com/advisories/46247/ sun-{jre,jdk}6<6.0.29 multiple-vulnerabilities http://secunia.com/advisories/46512/ libpurple<2.10.1 denial-of-service http://secunia.com/advisories/46298/ modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028 modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029 mit-krb5<1.8.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529 empathy<3.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3635 puppet-[0-9]* man-in-the-middle-attack http://secunia.com/advisories/46550/ ruby1{8,9,93}-puppet<2.7.6 man-in-the-middle-attack http://secunia.com/advisories/46550/ suse{,32}_krb5<11.3nb4 multiple-vulnerabilities http://secunia.com/advisories/46546/ freetype2<2.4.7 remote-system-access http://secunia.com/advisories/46575/ suse{,32}_freetype2<11.3nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256 phpldapadmin<1.2.2 multiple-vulnerabilities http://secunia.com/advisories/46551/ PAM-[0-9]* privilege-escalation http://secunia.com/advisories/46583/ libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821 libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834 libxml2<2.7.8nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905 libxml2<2.7.8nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919 suse{,32}_libxml2<11.3nb4 remote-system-access http://secunia.com/advisories/47572/ suse{,32}_libxml2<11.3nb5 remote-system-access http://secunia.com/advisories/47647/ openldap-server<2.4.24nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079 tor<0.2.2.34 remote-security-bypass http://secunia.com/advisories/46634/ net6-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 obby-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 calibre<0.8.25 multiple-vulnerabilities http://secunia.com/advisories/46620/ squid>=3<3.1.16 denial-of-service http://secunia.com/advisories/46609/ qt4-tiff<4.7.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 wireshark<1.6.3 multiple-vulnerabilities http://secunia.com/advisories/46644/ php>=5.3<5.3.8nb1 arbitrary-code-execution http://secunia.com/advisories/46107/ phpmyadmin<3.4.7.1 information-disclosure http://secunia.com/advisories/46447/ ffmpeg<20110907.0.7.4 multiple-vulnerabilities http://secunia.com/advisories/46111/ apache>=2.2<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 apache<2.0.65 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 apache>=2.2<2.2.21nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/46105/ caml-light<0.74nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 moscow_ml<2.01nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://secunia.com/advisories/46113/ p5-Parallel-ForkManager<1.0.0 insecure-temp-files https://nvd.nist.gov/vuln/detail/CVE-2011-4115 ffmpeg<20111104.0.7.7 multiple-vulnerabilities http://secunia.com/advisories/46736/ gnutls<2.12.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128 adobe-flash-plugin>=10.1<10.3.183.11 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html adobe-flash-plugin>=11<11.1.102.55 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html firefox<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox8 thunderbird<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird8 proftpd<1.3.3g remote-system-access http://bugs.proftpd.org/show_bug.cgi?id=3711 audacious-plugins<3.0.3 remote-system-access http://jira.atheme.org/browse/AUDPLUG-394 freetype2<2.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 suse{,32}_freetype2<12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 python25-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.5pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.7.0<9.7.4pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.8.0<9.8.1pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 nginx<1.0.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315 dovecot>=2<2.0.16 ssl-cert-spoofing http://secunia.com/advisories/46886/ ruby1{8,9,93}-actionpack>=3<3.0.11 cross-site-scripting http://secunia.com/advisories/46877/ apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 gnash<0.8.10 insecure-temp-files http://secunia.com/advisories/46955/ ffmpeg<20111121.0.7.8 multiple-vulnerabilities http://secunia.com/advisories/46888/ namazu<2.0.21 cross-site-scripting http://secunia.com/advisories/46925/ ejabberd<2.1.9 denial-of-service http://secunia.com/advisories/46915/ apache>=2.0<2.2.21nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639 apache<2.2.21nb5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 lighttpd<1.4.29nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362 mediawiki<1.17.1 remote-information-exposure http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html py{25,26,27,31}-clearsilver<0.10.5nb1 denial-of-service http://secunia.com/advisories/47016/ p5-Proc-ProcessTable<0.47 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4363 phpmyadmin<3.4.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php p5-PAR<1.003 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4114 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778 opera<11.60 denial-of-service http://www.securityfocus.com/bid/50421 chasen-base>=2.4<2.4.4nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4000 privoxy>=3.0.5<3.0.18 http-response-splitting http://www.securityfocus.com/bid/50768 moodle<1.9.15 multiple-vulnerabilities http://secunia.com/advisories/47076/ moodle>2.1<2.1.3 multiple-vulnerabilities http://secunia.com/advisories/47103/ moodle>2.0<2.0.6 multiple-vulnerabilities http://secunia.com/advisories/47103/ acroread9<9.4.7 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-04.html firefox<31 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4688 isc-dhcpd<4.2.3p1 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4539 jasper<1.900.1nb6 remote-system-access http://secunia.com/advisories/47175/ asterisk>=1.6<1.6.2.21 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.8<1.8.7.2 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.6.2<1.6.2.21 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html asterisk>=1.8<1.8.7.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html opera<11.60 multiple-vulnerabilities http://secunia.com/advisories/47077/ cacti<0.8.7i cross-site-scripting http://secunia.com/advisories/47195/ icu<4.8.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 typo3<4.5.9 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ typo3>=4.6.0<4.6.2 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ unbound<1.4.14 denial-of-service http://secunia.com/advisories/47220/ adobe-flash-plugin<11.1.102.62 remote-system-access http://secunia.com/advisories/47161/ tor<0.2.2.35 remote-system-access http://secunia.com/advisories/47276/ firefox<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9 thunderbird<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird9 seamonkey<2.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.6 xulrunner192<1.9.2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 xulrunner>=2<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html opera-[0-9]* sensitive-information-exposure http://secunia.com/advisories/47128/ ipmitool=6<6.0.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html apache-tomcat>=7<7.0.23 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html maradns<1.4.09 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mpack<1.6nb3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4919 bugzilla>=2.0<3.4.13 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=2.0<3.4.12 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=2.17.1<3.4.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.5.1<3.6.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.7.1<4.0.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=4.1.1<4.2rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=2.23.3<3.4.13 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.5.1<3.6.7 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.7.1<4.0.3 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=4.1.1<4.2rc1 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 wordpress<3.3.1 unauthorized-account-creation http://secunia.com/advisories/47371/ suse{,32}_base<11.3nb8 information-disclosure http://secunia.com/advisories/47432/ suse{,32}_base<11.3nb8 local-system-compromise http://secunia.com/advisories/47409/ spamdyke<4.2.1 plaintext-injection http://secunia.com/advisories/47435/ firefox<10.0.3 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455 openssl<0.9.8s multiple-vulnerabilities http://secunia.com/advisories/47426/ suse113{,32}_openssl<11.3nb6 multiple-vulnerabilities http://secunia.com/advisories/47426/ ffmpeg<20120112.0.7.11 multiple-vulnerabilities http://secunia.com/advisories/47383/ openttd<1.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0048 gnutls>=3<3.0.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390 mysql-client-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-01.html wireshark<1.6.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-02.html wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-03.html emacs>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs-nox11>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs>=24<24.0.93 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 powerdns<2.9.22.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0206 ruby{18,19,193}-rack>=1.3<1.3.6 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack>=1.2<1.2.5 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack<1.1.3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mediawiki<1.17.2 sensitive-information-exposure http://secunia.com/advisories/47547/ isc-dhcpd<4.2.3p2 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4868 apache<2.0.65 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 apache>=2.2.0<2.2.21nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 tahoe-lafs<1.9.1 remote-data-manipulation http://secunia.com/advisories/47506/ apache-tomcat>=6.0.30<6.0.34 remote-security-bypass http://secunia.com/advisories/47554/ moodle<2.1.4 remote-security-bypass http://secunia.com/advisories/47559/ moodle>=2.2<2.2.1 remote-security-bypass http://secunia.com/advisories/47559/ jenkins<1.424.2 denial-of-service https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895 php<5.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0057 spamdyke<4.3.0 remote-system-access http://secunia.com/advisories/47548/ openssl<0.9.8t denial-of-service http://www.openssl.org/news/secadv_20120118.txt asterisk>=1.8<1.8.8.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html asterisk>=10.0<10.0.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html php53-suhosin<5.3.9.0.9.33 buffer-overflow http://www.securityfocus.com/archive/1/521309 suse{,32}_qt4<11.3nb2 remote-system-access http://secunia.com/advisories/47645/ smokeping<2.6.7 cross-site-scripting http://secunia.com/advisories/47678/ qemu<1.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 qemu<1.3.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 curl<7.23.1nb1 sensitive-information-disclosure http://secunia.com/advisories/47690/ php5-suhosin<5.2.17.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ php53-suhosin<5.3.9.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ libvpx<1 unknown-impact http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html openssh<5.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814 apache>=2.2.17<2.2.21nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 apache<2.0.65 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 apache>=2.2.0<2.2.21nb7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 opera<11.61 multiple-vulnerabilities http://secunia.com/advisories/47686/ samba>=3.6.0<3.6.3 denial-of-service http://www.samba.org/samba/history/samba-3.6.3.html drupal>6<6.23 multiple-vulnerabilities http://drupal.org/node/1425084 drupal>7<7.11 multiple-vulnerabilities http://drupal.org/node/1425084 firefox<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 thunderbird<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10 seamonkey<2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7 xulrunner192<1.9.2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 xulrunner>=2<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 php>=5.3.9<5.3.9nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 xentools33<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xentools41<4.1.2nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xkeyboard-2.4 local-access http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/ sudo>=1.8.0<1.8.3p2 privilege-escalation http://www.sudo.ws/sudo/alerts/sudo_debug.html ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/47765/ phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0834 png>=1.5.4<1.5.7 multiple-vulnerabilities http://secunia.com/advisories/47827/ bugzilla>=3.5.1<3.6.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=3.7.1<4.0.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=4.1.1<4.2rc2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=2.0<3.4.14 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.5.1<3.6.8 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.7.1<4.0.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=4.1<4.2rc2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 ocaml<4.00.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839 imp<4.3.11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0791 horde<3.3.13 cross-site-scripting http://secunia.com/advisories/47904/ putty<0.62 sensitive-information-exposure http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html base-[0-9]* sql-injection http://www.securityfocus.com/bid/51874/discuss apr<1.4.5nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840 suse{,32}<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.7.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247 ImageMagick<6.7.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248 firefox>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1 thunderbird>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10.0.1 seamonkey>=2.7<2.7.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7.1 firefox36<3.6.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.24 firefox36<3.6.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.26 netsurf<2.9 sensitive-information-exposure http://secunia.com/advisories/48021/ mysql-server<5.1.62 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.22 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/47586/ mysql-server>=5.1<5.1.61 unknown-impact http://secunia.com/advisories/47928/ python25<2.5.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python26<2.6.7nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python27<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python31<3.1.4nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 libvorbis<1.3.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444 sun-{jdk,jre}6<6.0.31 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7<1.7.3 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7-icedtea-plugin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 png<1.5.8nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 adobe-flash-plugin<11.1.102.62 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-03.html phpmyadmin<3.4.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190 firefox>=4<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html thunderbird<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html seamonkey<2.7.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html firefox36<3.6.27 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner>=2<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner192-[0-9]* arbitrary-code-execution http://secunia.com/advisories/48069/ jenkins-[0-9]* cross-site-scripting http://secunia.com/advisories/48056/ samba<3.0.37nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 samba>=3.1<3.3.16nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 php{5,53,54,55}-tiki6-[0-9]* cross-site-scripting http://secunia.com/advisories/48102/ powerdns-recursor<3.5 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1193 libxml2<2.7.8nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 csound5<5.16.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270 bugzilla>=4.0.2<4.0.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 bugzilla>=4.1.1<4.2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 contao29<2.9.5nb6 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao210<2.10.4nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao211<2.11.2nb1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 dropbear<2012.55 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920 ruby1{8,9,93}-activesupport>=3<3.0.11nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-activesupport>=3.1.0<3.1.3nb2 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3<3.0.11nb3 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3.1.0<3.1.3nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 postgresql83{,-server,-client}<8.3.18 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql84{,-server,-client}<8.4.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql90{,-server,-client}<9.0.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql91{,-server,-client}<9.1.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ openssl<0.9.8tnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250 p5-XML-Atom<0.39 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1102 taglib<1.7.1 denial-of-service http://secunia.com/advisories/48211/ adobe-flash-plugin>10<11.1.102.63 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html adobe-flash-plugin<10.3.183.16 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html mantis<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/48258/ freetype2<2.4.9 multiple-vulnerabilities http://secunia.com/advisories/48268/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ kadu>=0.9.0<0.11.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1410 jenkins<1.424.5 cross-site-scripting http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb py{24,25,26,27,31}-sqlalchemy<0.7.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0805 ruby{18,19,193}-rails-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activesupport-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activerecord-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionmailer-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activeresource-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack>3<3.0.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 ruby{18,19,193}-actionpack>3.1<3.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 p5-YAML-LibYAML<0.38nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1152 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115 p5-DBD-postgresql<2.19.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151 libxslt<1.1.26nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970 openssl<0.9.8u man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884 openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619 openldap-server<2.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164 python25-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python26<2.6.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python27<2.7.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python31<3.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 gnash-[0-9]* remote-system-access http://secunia.com/advisories/47183/ firefox>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox11 thunderbird>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird11 seamonkey<2.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.8 firefox36<3.6.28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.28 xulrunner>=2<11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner10>=2<10.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner192<1.9.2.28 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html libpurple<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178 pidgin<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939 nginx<1.0.14 sensitive-information-exposure http://secunia.com/advisories/48366/ lshell<0.9.15 security-bypass http://secunia.com/advisories/48367/ lshell<0.9.15.1 security-bypass http://secunia.com/advisories/48424/ libgdata<0.11.1 man-in-the-middle-attack http://secunia.com/advisories/48315/ audacious-plugins<3.1 remote-system-access http://secunia.com/advisories/48439/ gif2png<2.5.8 remote-system-access http://secunia.com/advisories/48437/ quagga<0.99.20.1 multiple-vulnerabilities http://secunia.com/advisories/48388/ asterisk>=1.6<1.6.2.23 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=10.0<10.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html asterisk>=10.0<10.2.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html moodle<2.1.5 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.5_release_notes#Security_issues maradns<2 remote-spoofing http://secunia.com/advisories/48492/ vlc08-[0-9]* remote-system-access http://secunia.com/advisories/48503/ vlc-1.* remote-system-access http://secunia.com/advisories/48503/ vlc>=2<2.0.1 remote-system-access http://secunia.com/advisories/48500/ libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1162 libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1163 inspircd<2.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1836 openoffice3{,-bin}-[0-9]* sensitive-information-exposure http://www.openoffice.org/security/cves/CVE-2012-0037.html libreoffice3-bin<3.4.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 gnutls<2.12.17 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573 libtasn1<2.12 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569 openjpeg<1.5 arbitrary-code-execution http://secunia.com/advisories/48498/ raptor-[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 raptor2<2.0.7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 mediawiki<1.17.3 multiple-vulnerabilities http://secunia.com/advisories/48504/ suse{,32}_openssl<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2006-7250.html opera<11.62 multiple-vulnerabilities http://secunia.com/advisories/48535/ typo3<4.5.14 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ typo3>=4.6.0<4.6.7 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ nginx>=0.1.0<0.7.65 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 nginx>=0.8.0<0.8.22 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-04.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-05.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-06.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-07.html file<5.11 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571 suse{,32}_libpng<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3045.html phppgadmin<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1600 png<1.5.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 adobe-flash-plugin>10<11.2.202.228 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html adobe-flash-plugin<10.3.183.18 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148 suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-0876.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1147.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1148.html jdbc-postgresql80-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql81-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql82-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages csound5-[0-9]* remote-system-access http://secunia.com/advisories/48719/ csound5<5.16.7 remote-system-access http://secunia.com/advisories/48148/ rpm<4.9.1.3 remote-system-access http://secunia.com/advisories/48651/ tiff<4.0.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 suse{,32}_libtiff<12.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 ImageMagick<6.7.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798 ap{2,22}-fcgid>=2.3.6<2.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1181 slock<1.0 local-security-bypass http://secunia.com/advisories/48700/ gajim<0.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2085 gajim<0.15 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ mysql-client>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/48770/ flightgear-[0-9]* buffer-overflow http://secunia.com/advisories/48780/ acroread9<9.5.1 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-08.html samba<3.0.37nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.3<3.3.16nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.5<3.5.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.6<3.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/48743/ ruby1{8,9}-puppet<2.7.13 multiple-vulnerabilities http://secunia.com/advisories/48743/ suse{,32}_openssl<12.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2012-1165.html openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 openssl>=1.0<1.0.0h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 links{,-gui}<2.6 local-system-compromise http://secunia.com/advisories/48689/ gcc<4.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.1nb1 local-system-compromise http://secunia.com/advisories/48805/ gallery>=2.0<2.3.2 cross-site-scripting http://secunia.com/advisories/48767/ gallery>=3.0<3.0.3 cross-site-scripting http://secunia.com/advisories/48767/ suse{,32}_libpng<12.1nb2 local-system-compromise http://support.novell.com/security/cve/CVE-2011-3048.html openjpeg<1.5.0 arbitrary-code-execution http://secunia.com/advisories/48781/ phpmyadmin>=3.4.0<3.4.10.2 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php mysql-server<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-client<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-server>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-client>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-server>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-client>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-server>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-client>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-server>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-client>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-server>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html mysql-client>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html gajim<0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2093 typo3<4.5.15 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ typo3>=4.6.0<4.6.8 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ openssl<0.9.8v denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0<1.0.0i denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0.1<1.0.1a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 php{5,53}-owncloud<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2269 php{5,53}-owncloud<3.0.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2270 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 php{5,53}-owncloud<3.0.2 remote-security-bypass https://seclists.org/fulldisclosure/2012/Apr/223 ruby1{8,9,93}-rubygems<1.8.23 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby19-base<1.9.2pl320 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby193-base<1.9.3p194 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 mysql-server>=5.1<5.1.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1696 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1697 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 apache>=2.0<2.2.22nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 apache>=2.4<2.4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 asterisk>=1.6<1.6.2.24 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.8<1.8.11.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=10.0<10.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.6<1.6.2.24 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=10.0<10.3.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html asterisk>=10.0<10.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html firefox36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner192-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.1nb3 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-0884.html wordpress<3.3.2 multiple-vulnerabilities http://secunia.com/advisories/48957/ firefox10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.4 firefox<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox12 thunderbird10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.4 thunderbird<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12 seamonkey<2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.9 xulrunner<12 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html xulrunner10<10.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html openssl<0.9.8w denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131 net-snmp<5.6.1.1nb3 denial-of-service http://secunia.com/advisories/48938/ ruby1{8,9,93}-mail<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/48970/ python32<3.2.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2135 php{5,53,54,55}-concrete5<5.7.4.2 cross-site-scripting http://secunia.com/advisories/48997/ samba>=3.5<3.5.15 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 drupal>=7<7.13 multiple-vulnerabilities http://secunia.com/advisories/49012/ p5-Config-IniFiles<2.71 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2451 php<5.3.12nb1 sensitive-information-exposure http://secunia.com/advisories/49014/ libpurple<2.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214 adobe-flash-plugin<10.3.183.19 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html adobe-flash-plugin>=11<11.2.202.235 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html php{5,53}-orangehrm<2.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1506 php{5,53}-orangehrm<2.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1507 opera<11.64 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ openssl<0.9.8x denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 drupal<6.27 information-disclosure http://secunia.com/advisories/49131/ drupal>=7.0<7.15 information-disclosure http://secunia.com/advisories/49131/ sympa<6.1.11 multiple-vulnerabilities http://secunia.com/advisories/49045/ pidgin-otr<3.2.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2369 socat<1.7.2.1 remote-system-access http://secunia.com/advisories/49105/ gdk-pixbuf2<2.26.1nb2 remote-system-access http://secunia.com/advisories/49125/ taglib<1.7.2 denial-of-service http://secunia.com/advisories/49159/ libxml2<2.7.8nb10 remote-system-access http://secunia.com/advisories/49177/ openoffice3{,-bin}<3.4 remote-system-access http://secunia.com/advisories/46992/ libreoffice3{,-bin}<3.5.3 remote-system-access http://secunia.com/advisories/47244/ sudo<1.7.9p1 local-security-bypass http://secunia.com/advisories/49219/ ikiwiki<3.20120516 cross-site-scripting http://secunia.com/advisories/49232/ moodle<2.1.6 multiple-vulnerabilities http://secunia.com/advisories/49233/ wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-08.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-09.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-10.html rt<3.8.12 multiple-vulnerabilities http://secunia.com/advisories/49259/ haproxy<1.4.21 arbitrary-code-execution http://secunia.com/advisories/49261/ py{25,26,27,31,32}-crypto<2.6 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2417 apache-ant<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098 py{25,26,27,31,32}-feedparser<5.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544 asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html qemu<1.1.0 local-security-bypass http://secunia.com/advisories/49283/ focal81<0nb1 uses-gets http://gnats.netbsd.org/46510 asterisk<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-pgcrypto<8.4.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql90-pgcrypto<9.0.8 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql91-pgcrypto<9.1.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ ups-nut<2.6.4 denial-of-service http://secunia.com/advisories/49348/ ruby{18,19,193}-activerecord>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ gimp>=2.6.11<2.8.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763 bind>=9.6<9.6.3.1.ESV.7pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.7<9.7.6pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.8<9.8.3pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.9<9.9.1pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 mit-krb5<1.8.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner<13 privilege-escalation http://www.mozilla.org/security/announce/2012/mfsa2012-35.html xulrunner<13 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner<13 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html nss<3.13.5 denial-of-service http://www.mozilla.org/security/announce/2012/mfsa2012-39.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner10<10.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner10<10.0.5 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html firefox10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.5 firefox<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox13 thunderbird10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.5 thunderbird<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13 seamonkey<2.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.10 quagga-[0-9]* denial-of-service http://secunia.com/advisories/49401/ adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html adobe-flash-plugin>=11<11.2.202.236 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html xenkernel33-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel3-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel41<4.1.2nb1 privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 mantis<1.2.11 remote-security-bypass http://secunia.com/advisories/49414/ mysql-server>=5.1<5.1.63 multiple-vulnerabilities http://secunia.com/advisories/49409/ mysql-server>=5.5<5.5.25 multiple-vulnerabilities http://secunia.com/advisories/49409/ sun-{jdk,jre}6<6.0.33 multiple-vulnerabilities http://secunia.com/advisories/49472/ ruby{18,19,193}-activerecord>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ asterisk>=10.0<10.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-009.html contao211<2.11.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2012-4383 mediawiki<1.19.1 cross-site-scripting http://secunia.com/advisories/49484/ opera<12 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unix/1200/ suse{,32}_libxml2<12.1nb2 remote-system-access http://support.novell.com/security/cve/CVE-2011-3102.html ioquake3<1.36.20200125 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3345 tiff<4.0.2 arbitrary-code-execution http://secunia.com/advisories/49493/ ap{2,22}-modsecurity{,2}<2.6.6 remote-security-bypass http://secunia.com/advisories/49576/ apache-roller<5.0.1 cross-site-scripting http://secunia.com/advisories/49593/ mini_httpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4490 thttpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4491 wordpress<3.4.1 multiple-vulnerabilities http://wordpress.org/news/2012/06/wordpress-3-4-1/ typo3<4.5.17 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.6.0<4.6.10 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.7.0<4.7.2 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2088.html suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2113.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html libpurple<2.10.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374 at-spi2-atk<2.5.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3378 mono<2.10.9nb12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382 vlc<2.0.2 remote-system-access http://secunia.com/advisories/49835/ libreoffice3{,-bin}<3.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 ruby1{8,9}-puppet<2.7.18 multiple-vulnerabilities http://secunia.com/advisories/49863/ libexif<0.6.21 multiple-vulnerabilities http://secunia.com/advisories/49857/ bash>4.2<4.2nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 tcl-snack-[0-9]* remote-system-access http://secunia.com/advisories/49889/ openjpeg<1.5.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3358 moodle<2.1.7 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.7_release_notes firefox10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.6 firefox<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox14 thunderbird10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.6 thunderbird<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14 seamonkey<2.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.11 xulrunner<14 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html xulrunner10<10.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html tiff<4.0.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-3401.html php<5.3.15 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3365 nsd<3.2.12 denial-of-service http://secunia.com/advisories/49795/ suse{,32}_gtk2<12.1nb2 remote-system-access http://secunia.com/advisories/49983/ wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-11.html wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-12.html contao211<2.11.5 information-leak https://github.com/contao/core/issues/4535 squidclamav<6.7 denial-of-service https://secunia.com/advisories/49057/ isc-dhcp<4.2.4p1 multiple-vulnerabilities https://secunia.com/advisories/50018/ bind>=9.6<9.6.3.1.ESV.7pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.7<9.7.6pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.8<9.8.3pl2nb1 denial-of-service http://secunia.com/advisories/50020/ bind>=9.9<9.9.1pl2 denial-of-service http://secunia.com/advisories/50020/ RTFM<2.4.4 cross-site-scripting http://secunia.com/advisories/50024/ bugzilla>=2.17.5<3.6.10 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=3.7.1<4.0.7 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.1.1<4.2.2 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.3.1<4.3.2 sensitive-information-exposure https://secunia.com/advisories/50040/ ganglia-webfrontend>=3.1.7<3.5.1 remote-code-execution https://secunia.com/advisories/50047/ ruby{18,19,193}-actionpack>=3<3.0.16 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.1<3.1.7 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.2<3.2.7 denial-of-service https://secunia.com/advisories/48682/ Transmission<2.61 cross-site-scripting https://secunia.com/advisories/50027/ xenkernel33<3.3.2nb6 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html xenkernel41<4.1.2nb3 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html openttd<1.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3436 libxml2<2.8.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807 suse{,32}_libxml2<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-2807.html ImageMagick<6.7.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3437 GraphicsMagick<1.3.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438 openldap-client<2.4.32 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668 py{25,26,27,31,32}-django<1.4.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444 mit-krb5>=1.8<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014 mit-krb5>=1.10<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445 suse{,32}_libjpeg<12.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2806.html icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422 icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423 suse{,32}_libpng<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-3425.html libreoffice3-bin<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 libreoffice<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 opera<12.01 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1025/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1026/ opera<12.01 remote-code-execution http://www.opera.com/support/kb/view/1027/ ntop<5.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4165 openoffice3<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 openoffice3-bin<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 phpmyadmin>=3.5<3.5.2.1 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php koffice<2.3.3 buffer-overflow http://secunia.com/advisories/50199/ gnome-screensaver>=3.4.2<3.4.4 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3452 emacs24{,-nox11}<24.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 emacs{,-nox11}>23.1<23.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 typo3<4.5.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.6.0<4.6.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.7.0<4.7.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ adobe-flash-plugin<11.2.202.238 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-18.html php{5,53}-owncloud<4.0.6 multiple-vulnerabilities http://secunia.com/advisories/49894/ php{5,53}-owncloud<4.0.7 multiple-vulnerabilities http://secunia.com/advisories/50214/ acroread9-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/50290/ fetchmail<6.3.21nb1 multiple-vulnerabilities http://www.fetchmail.info/fetchmail-SA-2012-02.txt fetchmail<6.3.22 information-disclosure http://www.fetchmail.info/fetchmail-SA-2012-01.txt ruby{18,19,193}-rails<3.0.17 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.1<3.1.8 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.2<3.2.8 cross-site-scripting http://secunia.com/advisories/50128/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/50272/ wireshark<1.6.10 multiple-vulnerabilities http://secunia.com/advisories/50276/ postgresql83-server<8.3.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql84-server<8.4.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql90-server<9.0.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql91-server<9.1.5 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ phpmyadmin>=3.4<3.5.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php nss<3.13.4 denial-of-service http://secunia.com/advisories/49288/ xenkernel41<4.1.2nb4 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html gimp<2.8.0nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481 gimp<2.8.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403 tinyproxy<1.8.3nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-3505 inn<2.5.3 remote-data-manipulation http://secunia.com/advisories/50320/ apache>=2.4<2.4.3 multiple-vulnerabilities http://httpd.apache.org/security/vulnerabilities_24.html#2.4.3 adobe-flash-plugin<11.2.202.238 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-19.html gnugk<3.1 unknown http://secunia.com/advisories/50343/ jabberd>=2<2.2.17 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3525 xetex<0.9998 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 firefox10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7 firefox<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox15 thunderbird10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.7 thunderbird<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15 seamonkey<2.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.12 xulrunner<15 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html xulrunner10<10.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html openjpeg<1.5.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535 mono<2.10.9nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543 asterisk>=1.8<1.8.15.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=10.0<10.7.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=1.8<1.8.15.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html asterisk>=10.0<10.7.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html opera<12.02 arbitrary-code-execution http://www.opera.com/support/kb/view/1028/ sun-{jdk,jre}6<6.0.35 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681 mediawiki<1.19.2 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html bugzilla>=2.12<3.6.10 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=3.7.1<4.0.7 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.1.1<4.2.2 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.3.1<4.3.2 information-disclosure http://secunia.com/advisories/50433/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50468/ wireshark<1.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 wireshark>=1.8.0<1.8.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 py{25,26,27,31,32}-moin<1.9.5 remote-security-bypass http://secunia.com/advisories/50496/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/50133/ php{53,54}-concrete5<5.6.0 multiple-vulnerabilities http://secunia.com/advisories/50001/ xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html qemu<1.2.0 privilege-escalation http://secunia.com/advisories/50461/ php{53,54}-tiki6>=8<8.5 unknown-impact http://secunia.com/advisories/50488/ mcrypt<2.6.8nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4409 webmin<1.600 multiple-vulnerabilities http://secunia.com/advisories/50512/ xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html wordpress<3.4.2 remote-security-bypass http://wordpress.org/news/2012/09/wordpress-3-4-2/ freeradius>=2<2.1.12nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 openslp<1.2.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428 tor<0.2.2.39 denial-of-service http://secunia.com/advisories/50578/ vino-[0-9]* information-disclosure http://secunia.com/advisories/50527/ isc-dhcp<4.2.4p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 bacula<5.2.11 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-4430 apache>=2.2<2.2.23 multiple-vulnerabilities http://www.apache.org/dist/httpd/Announcement2.2.html bind>=9.6<9.6.3.1.ESV.7pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.7<9.7.6pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.8<9.8.3pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.9<9.9.1pl3 denial-of-service https://kb.isc.org/article/AA-00778 dbus>=1.5<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3524 xmlrpc-c-ss>=1.26<1.32 denial-of-service http://secunia.com/advisories/50648/ moodle<2.1.8 multiple-vulnerabilities http://secunia.com/advisories/50588/ optipng<0.7.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4432 jenkins<1.466.2 multiple-vulnerabilities http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb gnupg<1.4.12 remote-spoofing http://secunia.com/advisories/50639/ gnupg2<2.0.19 remote-spoofing http://secunia.com/advisories/50639/ wordpress<3.5 cross-site-scripting http://secunia.com/advisories/50715/ ghostscript<8.71nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405 ap{2,22}-rpaf<0.6 denial-of-service http://secunia.com/advisories/50400/ libxslt<1.1.27 multiple-vulnerabilities http://secunia.com/advisories/50864/ wireshark<1.8.3 multiple-vulnerabilities http://secunia.com/advisories/50843/ apache-tomcat-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.8 firefox<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16 thunderbird10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.8 thunderbird<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16 seamonkey<2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13 xulrunner<16 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html xulrunner10<10.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html bind>=9.6<9.6.3.1.ESV.7pl4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.7<9.7.7 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.8<9.8.4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.9<9.9.2 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 thunderbird10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16.0.1 thunderbird<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1 seamonkey<2.13.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13.1 xulrunner<16.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-88.html adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.243 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html phpmyadmin>=3.5<3.5.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php phpmyadmin>=3.5<3.5.3 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php xlockmore-lite>=5.0<5.38nb2 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore-lite>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.0<5.38nb7 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 awstats<7.1 cross-site-scripting http://awstats.sourceforge.net/docs/awstats_changelog.txt sun-{jdk,jre}6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/50949/ drupal>=7.0<7.16 multiple-vulnerabilities http://drupal.org/node/1815912 ruby18-base<1.8.7.370nb2 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ruby193-base<1.9.3p286 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50963/ ap{2,22}-modsecurity{,2}<2.7.0 remote-security-bypass http://secunia.com/advisories/49853/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/51029/ py{25,26,27,31,32}-django<1.4.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 suse{,32}_libtiff<12.1nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 viewvc<1.1.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533 exim<4.80.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671 php{53,54}-tiki6<6.8 remote-system-access https://secunia.com/advisories/51067/ rt<3.8.15 multiple-vulnerabilities https://secunia.com/advisories/51062/ firefox<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html firefox10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html seamonkey<2.13.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html RTFM<2.4.5 security-bypass https://secunia.com/advisories/51062/ webkit-gtk<1.8.3 multiple-vulnerabilities https://secunia.com/advisories/51070/ kdelibs4<4.10.2 multiple-vulnerabilities https://secunia.com/advisories/51097/ suse{,32}_gtk2<12.1nb4 multiple-vulnerabilities https://secunia.com/advisories/51170/ tiff<4.0.3nb1 buffer-overflow https://secunia.com/advisories/51133/ pgbouncer<1.5.3 denial-of-service https://secunia.com/advisories/51128/ mysql-server>=5.1<5.1.66 multiple-vulnerabilities http://secunia.com/advisories/51008/ mysql-server>=5.5<5.5.28 multiple-vulnerabilities http://secunia.com/advisories/51008/ libproxy<0.3.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505 libproxy<0.3.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5580 wbm-passwd<1.605 cross-site-scripting https://secunia.com/advisories/51201/ typo3<4.5.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.6.0<4.6.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.7.0<4.7.6 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ ruby193-base<1.9.3p327 security-bypass http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/ opera<12.10 multiple-vulnerabilities http://secunia.com/advisories/51183/ adobe-flash-plugin<10.3.183.43 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.251 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html apache-tomcat<5.5.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=7<7.0.30 multiple-vulnerabilities http://secunia.com/advisories/51138/ gegl<0.2.0nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433 icedtea-web<1.2.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540 weechat<0.3.9.1 remote-system-access http://secunia.com/advisories/51231/ gajim<0.15.3 remote-spoofing http://secunia.com/advisories/51209/ roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6130 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6131 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6132 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6133 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel41<4.1.3nb1 denial-of-service http://secunia.com/advisories/51200/ xmlrpc-c-ss<1.16.42 unknown-impact http://xmlrpc-c.sourceforge.net/change_super_stable.html moodle<2.1.9 multiple-vulnerabilities http://secunia.com/advisories/51243/ openvas-server<3.0.4 remote-system-access http://secunia.com/advisories/49128/ mantis<1.2.12 sensitive-information-exposure http://secunia.com/advisories/51300/ weechat<0.3.9.2 remote-system-access http://secunia.com/advisories/51294/ horde<4.0.9 cross-site-scripting http://secunia.com/advisories/51233/ kronolith<3.0.18 cross-site-scripting http://secunia.com/advisories/51233/ firefox10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.11 firefox<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox17 thunderbird10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.11 thunderbird<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17 seamonkey<2.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.14 xulrunner<17 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html xulrunner10<10.0.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html opera<12.11 multiple-vulnerabilities http://secunia.com/advisories/51331/ lighttpd-1.4.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533 php{53,54}-owncloud<4.5.2 multiple-vulnerabilities http://secunia.com/advisories/51357/ jenkins<1.480.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20 tor<0.2.3.25 denial-of-service http://secunia.com/advisories/51329/ libssh<0.53 multiple-vulnerabilities http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/51343/ mediawiki<1.19.3 multiple-vulnerabilities http://secunia.com/advisories/51424/ wireshark<1.8.4 multiple-vulnerabilities http://secunia.com/advisories/51422/ dovecot>=2<2.1.11 denial-of-service http://secunia.com/advisories/51455/ mysql-server>=5.1<5.1.67 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612 mysql-server>=5.1<5.5 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 mysql-server>=5.5<5.6 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00828 bind>=9.9<9.9.2pl1 denial-of-service https://kb.isc.org/article/AA-00828 opera<12.12 multiple-vulnerabilities http://secunia.com/advisories/51462/ apache-tomcat>=7.0<7.0.31 multiple-vulnerabilities http://secunia.com/advisories/51425/ apache-tomcat>=6.0<6.0.35 multiple-vulnerabilities http://secunia.com/advisories/51425/ p5-Locale-Maketext<1.23 arbitrary-code-execution http://secunia.com/advisories/51498/ perl<5.14.2nb6 arbitrary-code-execution http://secunia.com/advisories/51498/ perl>=5.16.1<5.16.2nb1 arbitrary-code-execution http://secunia.com/advisories/51498/ bogofilter<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5468 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51397/ gimp<2.8.2nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576 mupdf<1.1 remote-system-access https://nvd.nist.gov/vuln/detail/CVE-2012-5340 adobe-flash-plugin<10.3.183.48 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html adobe-flash-plugin>=11<11.2.202.258 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html ffmpeg<20121209.1.0.1nb1 remote-system-access http://secunia.com/advisories/51464/ libxml2<2.9.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 suse{,32}_libxml2<12.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 squid<2.7.9nb5 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt squid>=3.1<3.1.23 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652 drupal<6.27 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 drupal>=7.0<7.18 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal>=7.0<7.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 isearch<1.47.01nb1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2012-5663 nagios-base<3.4.4 arbitrary-code-execution http://secunia.com/advisories/51537/ tiff<4.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 qt4-libs<4.8.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624 horde-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imp-4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages turba-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ingo-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kronolith-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-tiki6<6.9 remote-system-access http://secunia.com/advisories/51650/ php{53,54}-owncloud<4.5.5 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5665 php{53,54}-owncloud<4.5.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5666 grep<2.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5667 freetype2<2.4.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670 elinks>0.11<0.12rc6 remote-security-bypass http://bugzilla.elinks.cz/show_bug.cgi?id=1124 vlc<2.0.5 buffer-overflow http://secunia.com/advisories/51692/ gnupg<1.4.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 asterisk>=1.8<1.8.19.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=10.0<10.11.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=11.0<11.1.2 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=1.8<1.8.19.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=10.0<10.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=11.0<11.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html py{26,27}-moin<1.9.6 multiple-vulnerabilities http://secunia.com/advisories/51663/ swi-prolog<6.2.5 buffer-overflow http://secunia.com/advisories/51709/ rpm>=4.10.0<4.10.2 security-bypass http://secunia.com/advisories/51706/ ruby{18,19,193}-activerecord>3.0<3.0.18 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.1<3.1.9 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.2<3.2.10 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.0<3.0.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.1<3.1.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.2<3.2.11 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activesupport>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 php{53,54}-concrete5<5.6.0.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5181 proftpd<1.3.4c privilege-elevation http://bugs.proftpd.org/show_bug.cgi?id=3841 jenkins<1.480.2 multiple-vulnerabilities http://secunia.com/advisories/51712/ nginx<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968 firefox10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.12 firefox<18 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox18 thunderbird10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.12 thunderbird<17.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2 seamonkey<2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.15 xulrunner<18 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html xulrunner10<10.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html adobe-flash-plugin<10.3.183.50 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html adobe-flash-plugin>=11<11.2.202.261 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966 sun-{jdk,jre}7<7.0.11 remote-system-access http://secunia.com/advisories/51820/ xenkernel41<4.1.4 denial-of-service http://secunia.com/advisories/51734/ ettercap<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ ettercap-NG<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ acroread9<9.5.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-02.html gnupg2<2.0.19nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 couchdb<1.2.1 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5649 couchdb<1.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5650 drupal<6.28 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 drupal>=7.0<7.19 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 mysql-server>=5.1<5.1.67 multiple-vulnerabilities http://secunia.com/advisories/51894/ mysql-server>=5.5<5.5.29 multiple-vulnerabilities http://secunia.com/advisories/51894/ xentools41<4.1.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 atheme-[0-9]* denial-of-service http://secunia.com/advisories/51852/ mantis<1.2.13 cross-site-scripting http://secunia.com/advisories/51853/ moodle<2.3.4 multiple-vulnerabilities http://secunia.com/advisories/51842/ php{53,54}-owncloud<4.5.6 multiple-vulnerabilities http://secunia.com/advisories/51872/ suse{,32}_qt4<12.1nb1 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-4929.html suse{,32}_qt4<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2012-5624.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5668.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5669.html py{25,26,27,31,32}-django-cms<2.3.5 script-insertion http://secunia.com/advisories/51953/ wordpress<3.5.1 multiple-vulnerabilities http://secunia.com/advisories/51967/ bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00855 bind>=9.9<9.9.2pl1nb2 denial-of-service https://kb.isc.org/article/AA-00855 ruby{18,19,193}-activesupport>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ruby{18,19,193}-activemodel>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ffmpeg>=20121018.1.0.0<20130121.1.0.2 multiple-vulnerabilities http://secunia.com/advisories/51964/ ffmpeg>=20130128.1.1.0<20130120.1.1.1 multiple-vulnerabilities http://secunia.com/advisories/51975/ libupnp<1.6.18 buffer-overflow http://secunia.com/advisories/51949/ libssh<0.54 null-dereference http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/ libvirt<1.0.2 arbitrary-code-execution http://secunia.com/advisories/52003/ wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-01.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-02.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-03.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-04.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-05.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-06.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-07.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-08.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-09.html opera<12.13 multiple-vulnerabilities http://secunia.com/advisories/52005/ vlc<2.0.5nb2 buffer-overflow http://secunia.com/advisories/51995/ ircd-hybrid<7.2.3nb6 denial-of-service http://secunia.com/advisories/51948/ latd>=1.25<1.31 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0251 samba<3.5.21 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba>=3.6<3.6.12 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba<3.5.21 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 samba>=3.6<3.6.12 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 miniupnpd<1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0229 samba<3.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}6<6.0.39 multiple-vulnerabilities http://secunia.com/advisories/52064/ sun-{jdk,jre}7<7.0.13 multiple-vulnerabilities http://secunia.com/advisories/52064/ ruby193-base<1.9.3p385 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby{18,19,193}-rdoc<3.12.1 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby19-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41<4.1.4nb4 denial-of-service http://secunia.com/advisories/52055/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51881/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51881/ openssl<0.9.8y multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt openssl>=1.0.0<1.0.1d multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt qt4-libs<4.8.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254 curl>=7.26.0<7.28.1nb3 remote-system-access http://secunia.com/advisories/52103/ openssl-1.0.1d{,nb1} data-corruption http://www.mail-archive.com/openssl-dev@openssl.org/msg32009.html ruby{18,193}-rack<1.2.8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.3<1.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262 roundcube<0.8.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6121 postgresql83-server<8.3.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql84-server<8.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql90-server<9.0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql91-server<9.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql92-server<9.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 polarssl<1.2.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 gnutls<3.0.28 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619 ffmpeg<20130206.1.1.2 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0862 ffmpeg<20130206.1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0863 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0864 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0865 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0866 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0867 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0869 ffmpeg010<0.10.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ruby1{8,93}-puppet<2.7.1 multiple-vulnerabilities http://secunia.com/advisories/52127/ adobe-flash-plugin<10.3.183.51 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html adobe-flash-plugin>=11<11.2.202.262 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html ruby{18,193}-activerecord<3.1.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-activerecord>3.2<3.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-rails<3.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277 ruby{18,193}-json<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby{18,193}-json-pure<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby193-base<1.9.3p385nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ganglia-webfrontend-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275 adobe-flash-plugin<10.3.183.61 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html adobe-flash-plugin>=11<11.2.202.270 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271 libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274 openjdk7{,-bin}<1.7.12 multiple-vulnerabilities http://secunia.com/advisories/52154/ sun-{jdk,jre}6-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jenkins<1.480.3 multiple-vulnerabilities http://secunia.com/advisories/52236/ lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 firefox10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html firefox17<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.3 firefox<19 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19 thunderbird10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html thunderbird<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3 seamonkey<2.16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16 xulrunner10-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner17<17.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner<19 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html firefox10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dbus-glib<0.100.1 privilege-escalation http://secunia.com/advisories/52225/ sun-{jdk,jre}6<6.0.41 multiple-vulnerabilities http://secunia.com/advisories/52257/ sun-{jdk,jre}7<7.0.15 multiple-vulnerabilities http://secunia.com/advisories/52257/ py{25,26,27,31,32}-django<1.4.4 multiple-vulnerabilities http://secunia.com/advisories/52243/ ruby193-base<1.9.3p392 denial-of-service http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/ drupal>=7.0<7.20 denial-of-service http://drupal.org/SA-CORE-2013-002 geeklog<1.8.2.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.8.2sr1 acroread9<9.5.4 remote-system-access http://www.adobe.com/support/security/advisories/apsa13-02.html php{53,54}-owncloud<4.5.7 multiple-vulnerabilities http://secunia.com/advisories/52303/ hplip{,3}<3.11.10 multiple-vulnerabilities http://secunia.com/advisories/42956/ openjdk7{,-bin}<1.7.13 multiple-vulnerabilities http://secunia.com/advisories/52257/ php{53,54}-piwigo<2.4.7 cross-site-request-forgery http://secunia.com/advisories/52228/ bugzilla>=2.0<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=3.7.1<4.0.10 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.1.1<4.2.5 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.3.1<4.4rc2 multiple-vulnerabilities http://secunia.com/advisories/52254/ suse{,32}_openssl<12.1nb4 multiple-vulnerabilities http://secunia.com/advisories/52292/ apache-maven<3.0.5 man-in-the-middle-attack http://secunia.com/advisories/52381/ mit-krb5>=1.6.3<1.10.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415 mit-krb5>=1.6.3<1.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016 scmgit-base<1.8.1.4 man-in-the-middle-attack http://secunia.com/advisories/52361/ apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 sudo<1.7.10p6 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790 adobe-flash-plugin<10.3.183.67 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html adobe-flash-plugin>=11<11.2.202.273 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338 libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339 openafs<1.6.2 multiple-vulnerabilities https://www.openafs.org/security/OPENAFS-SA-2013-001.txt openafs<1.6.2 denial-of-service https://www.openafs.org/security/OPENAFS-SA-2013-002.txt sun-{jdk,jre}6<6.0.43 multiple-vulnerabilities http://secunia.com/advisories/52451/ sun-{jdk,jre}7<7.0.17 multiple-vulnerabilities http://secunia.com/advisories/52451/ ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0872 ffmpeg<20130223.1.1.3 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0873 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0874 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0875 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0876 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0877 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0878 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2276 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2277 ruby{18,193}-extlib<0.9.16 remote-system-access http://secunia.com/advisories/52440/ stunnel<4.55 multiple-vulnerabilities http://secunia.com/advisories/52460/ perl<5.16.2nb4 denial-of-service http://secunia.com/advisories/52472/ mediawiki<1.20.3 multiple-vulnerabilities http://secunia.com/advisories/52485/ typo3<4.5.24 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.6.0<4.6.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.7.0<4.7.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ php53-soap<5.3.22 sensitive-information-exposure http://secunia.com/advisories/52377/ php54-soap<5.4.12 sensitive-information-exposure http://secunia.com/advisories/52377/ icu<50.1.1 unknown-impact http://secunia.com/advisories/52511/ suse{,32}_qt4<12.1nb3 local-security-bypass http://support.novell.com/security/cve/CVE-2013-0254.html openjdk7{,-bin}<1.7.16 multiple-vulnerabilities http://secunia.com/advisories/52490/ wireshark<1.8.6 denial-of-service http://secunia.com/advisories/52471/ firefox17<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.4 firefox<19.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19.0.2 thunderbird<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.4 seamonkey<2.16.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16.1 webkit-gtk<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 webkit-gtk3<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 adobe-flash-plugin<10.3.183.68 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html adobe-flash-plugin>=11<11.2.202.275 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1640/ ruby1{8,9,93}-puppet<3.1.1 insufficient-input-validation http://puppetlabs.com/security/cve/CVE-2013-1652/ ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1653/ ruby1{8,9,93}-puppet<3.1.1 weak-cryptography http://puppetlabs.com/security/cve/CVE-2013-1654/ ruby193-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1655/ ruby1{8,9,93}-puppet<2.6.18 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-2274/ ruby1{8,9,93}-puppet<3.1.1 remote-security-bypass http://puppetlabs.com/security/cve/CVE-2013-2275/ squid>=3.2<3.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1839 php{53,54}-owncloud<4.5.8 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1851 clamav<0.97.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7088 clamav<0.97.7 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7087 clamav<0.97.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-7089 ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ mysql-server>=5.1<5.1.70 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.5<5.5.32 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.6<5.6.12 denial-of-service http://secunia.com/advisories/52639/ ruby{18,19,193}-ruby-activerecord<3.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855 ruby{18,19,193}-ruby-activesupport<3.2.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857 djvulibre-lib<3.5.25.3 remote-code-execution http://secunia.com/advisories/52697/ ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/52673/ py{25,26,27,31,32}-pip<1.3 insecure-temp-files http://secunia.com/advisories/52674/ x3270<3.3.12ga12 man-in-the-middle-attack http://secunia.com/advisories/52650/ mysql-client>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-server>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-client>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ mysql-server>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ tnftpd<20130322 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418 se<3.0.1 local-command-inject http://se-editor.org/security/SE-SA-2013-001.txt asterisk>=11.0<11.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2013-001.html asterisk>=1.8<1.8.20.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=10.0<10.12.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=11.0<11.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=1.8<1.8.20.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=10.0<10.12.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=11.0<11.2.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html moodle>=2.3<2.3.5 multiple-vulnerabilities http://secunia.com/advisories/52691/ moodle>=2.4<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/52691/ libxslt<1.1.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139 roundcube<0.8.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1904 bind>=9.7<9.7.7nb5 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.8<9.8.4pl2 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.9<9.9.2pl2 denial-of-service https://kb.isc.org/article/AA-00871 pixman<0.28.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1591 ap{2,22}-modsecurity{,2}<2.7.3 sensitive-information-exposure http://secunia.com/advisories/52847/ firefox17<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.5 firefox<20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox20 thunderbird<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5 seamonkey<2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.17 xulrunner17<17.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html xulrunner<20 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454 postgresql83-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-server<8.4.17 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql90-server<9.0.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql91-server<9.1.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql92-server<9.2.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ opera<12.15 multiple-vulnerabilities http://secunia.com/advisories/52859/ haproxy<1.4.23 denial-of-service http://secunia.com/advisories/52725/ php{53,54}-owncloud<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/52833/ mantis<1.2.15 cross-site-scripting http://secunia.com/advisories/52843/ mantis<1.2.14 cross-site-scripting http://secunia.com/advisories/52883/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/52857/ xenkernel41<4.1.4nb2 privilege-escalation http://secunia.com/advisories/52857/ ap{2,22}-subversion<1.7.9 denial-of-service http://secunia.com/advisories/52966/ adobe-flash-plugin<10.3.183.75 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html adobe-flash-plugin>=11<11.2.202.280 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html php{53,54}-owncloud<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942 php{53,54}-owncloud<5.0.4 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1941 php{53,54}-owncloud<5.0.4 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1939 curl<7.30 remote-information-disclosure http://secunia.com/advisories/53051/ suse{,32}_libcurl<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2013-1944.html mediawiki<1.20.4 multiple-vulnerabilities http://secunia.com/advisories/53054/ qemu<1.4.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922 mit-krb5<1.10.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416 xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html libxml2<2.9.0nb3 multiple-vulnerabilities http://secunia.com/advisories/53061/ suse{,32}_libxml2<12.1nb6 multiple-vulnerabilities http://support.novell.com/security/cve/CVE-2013-1969.html sun-{jdk,jre}6<6.0.45 multiple-vulnerabilities http://secunia.com/advisories/53008/ sun-{jdk,jre}7<7.0.21 multiple-vulnerabilities http://secunia.com/advisories/53008/ icedtea-web<1.2.3 multiple-vulnerabilities http://secunia.com/advisories/53109/ mysql-server>=5.1<5.1.69 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.5<5.5.31 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.6<5.6.11 multiple-vulnerabilities http://secunia.com/advisories/53022/ php{53,54}-owncloud<5.0.5 multiple-vulnerabilities http://secunia.com/advisories/53118/ libxmp<4.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1980 tinc<1.0.21 remote-system-access http://secunia.com/advisories/53108/ phpmyadmin<3.5.8 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php phpmyadmin<3.5.8.1 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php clamav<0.97.8 multiple-vulnerabilities http://secunia.com/advisories/53150/ mediawiki<1.20.5 multiple-vulnerabilities http://secunia.com/advisories/53284/ memcached<1.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971 jenkins<1.509.1 multiple-vulnerabilities http://secunia.com/advisories/53286/ jenkins<1.514 multiple-vulnerabilities http://secunia.com/advisories/53286/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53187/ nginx>=1.3.9<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028 abcmidi<20130430 arbitrary-code-execution http://secunia.com/advisories/53318/ qemu<1.4.2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007 telepathy-idle<0.1.16 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6746 mit-krb5<1.10.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 mit-krb5>=1.10.5<1.10.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 firefox17<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.6 firefox<21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox21 thunderbird<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6 xulrunner17<17.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html xulrunner<21 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html tiff<4.0.3nb3 multiple-vulnerabilities http://secunia.com/advisories/53237/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53312/ apache-tomcat>=7<7.0.33 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544 adobe-flash-plugin<10.3.183.86 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html php{53,54}-owncloud<5.0.6 multiple-vulnerabilities http://secunia.com/advisories/53392/ ruby193-base<1.9.3p429 local-security-bypass http://secunia.com/advisories/53432/ acroread9<9.5.5 multiple-vulnerabilities https://www.adobe.com/support/security/bulletins/apsb13-15.html libvirt>1.0.0 denial-of-service http://secunia.com/advisories/53440/ wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 moodle<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/52522/ dovecot>=2<2.2.2 denial-of-service http://secunia.com/advisories/53492/ suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1960.html suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1961.html xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 rt<3.8.17 multiple-vulnerabilities http://secunia.com/advisories/53522/ rt>=4<4.0.13 multiple-vulnerabilities http://secunia.com/advisories/53522/ transifex-client<0.9 ssl-certificate-spoofing http://secunia.com/advisories/53413/ xf86-video-openchrome<0.3.3 buffer-overflow http://secunia.com/advisories/53424/ MesaLib<7.11.2nb3 multiple-vulnerabilities http://secunia.com/advisories/53558/ libXinerama<1.1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985 libXtst<1.2.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86vm<1.1.3 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXvmc<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86dga<1.1.4 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXext<1.3.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXfixes<5.0.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXp<1.0.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libFS<1.0.5 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrender<0.9.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrandr<1.4.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXt<1.1.4 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXres<1.0.7 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXv<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXcursor<1.1.14 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libxcb<1.9.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libX11<1.5.99.902 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libraw<0.15.2 remote-system-access http://secunia.com/advisories/53547/ ap{2,22}-modsecurity{,2}<2.7.4 denial-of-service http://secunia.com/advisories/53535/ apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 apache>=2.2<2.2.24nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 gnutls>=2.12.23<3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116 telepathy-gabble<0.16.6 remote-security-bypass http://www.secunia.com/advisories/53626/ subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt bind>=9.6.3.1.ESV.9<9.6.3.1.ESV.9pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.8.5<9.8.5pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.9.3<9.9.3pl1 denial-of-service https://kb.isc.org/article/AA-00967 suse{,32}<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149 php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2150 php>=5.3<5.3.26 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 php>=5.4<5.4.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 MesaLib<10 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872 xenkernel41<4.1.6.1 multiple-vulnerabilities http://secunia.com/advisories/53591/ xenkernel42<4.2.3 multiple-vulnerabilities http://secunia.com/advisories/53591/ wireshark<1.8.8 multiple-vulnerabilities http://secunia.com/advisories/53762/ adobe-flash-plugin<10.3.183.90 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html wordpress<3.5.2 denial-of-service http://secunia.com/advisories/53676/ xenkernel20-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel3-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel41<4.1.6.1 privilege-escalation http://secunia.com/advisories/53686/ xenkernel42<4.2.3 privilege-escalation http://secunia.com/advisories/53686/ ffmpeg<20130510-1.2.1 multiple-vulnerabilities http://secunia.com/advisories/53825/ dbus<1.6.12 denial-of-service http://secunia.com/advisories/53317/ haproxy<1.4.24 denial-of-service http://secunia.com/advisories/53803/ firefox17<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.7 firefox<22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox22 thunderbird<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.7 xulrunner17<17.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html xulrunner<22 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html acroread9-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xml-security-c<1.7.1 remote-spoofing http://santuario.apache.org/secadv.data/CVE-2013-2153.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2154.txt xml-security-c<1.7.1 denial-of-service http://santuario.apache.org/secadv.data/CVE-2013-2155.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2156.txt ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/53766/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/53766/ #ffmpeg2 not affected by http://secunia.com/advisories/53766/ sun-{jdk,jre}6<6.0.51 multiple-vulnerabilities http://secunia.com/advisories/53846/ sun-{jdk,jre}7<7.0.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ openjdk7{,-bin}<1.7.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ vlc<2.0.7 multiple-vulnerabilities http://www.videolan.org/vlc/releases/2.0.7.html xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 curl>=7.7<7.30.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 xml-security-c<1.7.2 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2210.txt xenkernel41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 xenkernel42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 ruby18-base<1.8.7.374 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby193-base<1.9.3p448 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby18-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery<3.0.8 cross-site-scripting http://secunia.com/advisories/53664/ gallery<3.0.9 unknown http://secunia.com/advisories/53964/ libzrtpcpp<3.2.0 multiple-vulnerabilities http://secunia.com/advisories/53818/ ruby1{8,9,93}-puppet<3.2.2 remote-system-access http://puppetlabs.com/security/cve/CVE-2013-3567/ libvirt<1.1.0 denial-of-service http://secunia.com/advisories/53969/ salt<0.15.1 multiple-vulnerabilities http://secunia.com/advisories/53958/ libXi<1.7.2 multiple-vulnerabilities http://www.debian.org/security/2013/dsa-2683 mantis<1.2.15 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=249 quagga<0.99.22.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236 suse{,32}_libcurl<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2174.html libkdcraw-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2126 suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2062.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1981.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1997.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2004.html ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54044/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54044/ #ffmpeg2 not affected by http://secunia.com/advisories/54044/ subversion16{,-base}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adove-flash-plugin-10.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adobe-flash-plugin>=11<11.2.202.297 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-17.html vlc<2.0.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245 libxml2>2.8.0<2.9.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 squid<3.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115 php<5.3.27 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 nagstamon<0.9.10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4114 squid<3.3.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2013_3.txt apache<2.2.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896 apache-ant<1.9.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54164/ moodle<2.5.1 multiple-vulnerabilities http://secunia.com/advisories/54130/ cyrus-saslauthd<2.1.26nb2 denial-of-service http://secunia.com/advisories/54098/ php{53,54,55}-tiki6<6.12 multiple-vulnerabilities http://secunia.com/advisories/54149/ openoffice3-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openoffice3-bin-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openafs<1.6.5 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt openafs>=1.7<1.7.26 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/53797/ libvirt-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54169/ apache>=2.4<2.4.6 multiple-vulnerabilities http://secunia.com/advisories/54241/ php>=5.4<5.4.17nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 icedtea-web<1.5prenb3 multiple-vulnerabilities http://secunia.com/advisories/53846/ minidlna<1.1.0 sql-injection http://secunia.com/advisories/54127/ wireshark<1.8.9 multiple-vulnerabilities http://secunia.com/advisories/54296/ wireshark>=1.9<1.10.1 multiple-vulnerabilities http://secunia.com/advisories/54296/ phpmyadmin<3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php phpmyadmin<=3.5.8.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php phpmyadmin>=4<4.0.4.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php bind>=9.8<9.8.5pl2 denial-of-service https://kb.isc.org/article/AA-01016 bind>=9.9<9.9.3pl2 denial-of-service https://kb.isc.org/article/AA-01016 py{26,27,32,33}-django<1.6 sensitive-information-exposure http://secunia.com/advisories/54197/ gnupg<1.4.14 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 libgcrypt<1.5.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 typo3<4.5.29 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=4.7<4.7.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.0<6.0.8 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.1<6.1.3 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ libvirt-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4153 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154 apache-2.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba<3.5.22 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 samba>3.6<3.6.17 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 putty<0.62nb10 heap-overflow http://secunia.com/advisories/54354/ php{53,54}-owncloud<5.0.8 cross-site-scripting http://secunia.com/advisories/54357/ firefox<23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox23 firefox17<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8 thunderbird<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.8 seamonkey<2.20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.20 xulrunner17<17.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html xulrunner<23 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html cacti<0.8.8b sql-injection http://secunia.com/advisories/54386/ filezilla<3.7.2 multiple-vulnerabilities http://secunia.com/advisories/54415/ libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388 chrony<1.29 multiple-vulnerabilities http://secunia.com/advisories/54385/ polarssl<1.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4623 dovecot>=2<2.2.5 denial-of-service http://secunia.com/advisories/54438/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/54400/ python26<2.6.8nb4 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python27<2.7.5nb1 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python32-[0-9]* ssl-certificate-spoofing http://secunia.com/advisories/54393/ python33<3.3.3 ssl-certificate-spoofing http://secunia.com/advisories/54393/ php>=5.3<5.3.27nb2 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.4<5.4.17nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.5<5.5.1nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ ruby193-puppet<3.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761 phpmyadmin<4.0.5 clickjacking-attack http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php py{26,27,32,33}-django>=1.5<1.5.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 py{26,27,32,33}-django<1.4.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel42<4.2.5 denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html ffmpeg1<1.2.12 denial-of-service http://secunia.com/advisories/54389/ ffmpeg010<20150312.0.10.16 denial-of-service http://secunia.com/advisories/54389/ ffmpeg2<2.1 denial-of-service http://secunia.com/advisories/54389/ py{26,27,32,33}-graphite-web<0.9.11 remote-system-access http://secunia.com/advisories/54556/ ffmpeg2<2.0.1 denial-of-service http://secunia.com/advisories/54541/ ruby1{8,9,93}-puppet<3.2.4 multiple-vulnerabilities http://secunia.com/advisories/54623/ cacti<0.8.8b multiple-vulnerabilities http://secunia.com/advisories/54531/ asterisk>=1.8.17<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=1.8<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=10.0<10.12.3 information-disclosure http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html roundcube<0.9.3 cross-site-scripting http://secunia.com/advisories/54536/ tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 tiff<4.0.3nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243 ImageMagick<6.7.8.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298 mediawiki<1.21.2 multiple-vulnerabilities http://secunia.com/advisories/54715/ mediawiki<1.21.2 remote-security-bypass http://secunia.com/advisories/54723/ ansible<1.2.3 symlink-attack http://secunia.com/advisories/54686/ typo3>=6.0<6.0.9 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ typo3>=6.1<6.1.4 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ py{26,27,32,33}-OpenSSL<0.13.1 information-disclosure http://secunia.com/advisories/54691/ moodle<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/54693/ wireshark<1.10.2 multiple-vulnerabilities http://secunia.com/advisories/54765/ adobe-flash-plugin<11.2.202.310 system-compromise http://www.adobe.com/support/security/bulletins/apsb13-21.html wordpress<3.6.1 multiple-vulnerabilities http://secunia.com/advisories/54803/ py{26,27,32,33}-django>=1.5<1.5.3 sensitive-information-disclosure http://secunia.com/advisories/54772/ py{26,27,32,33}-django<1.4.7 sensitive-information-disclosure http://secunia.com/advisories/54772/ xentools41<4.1.6.1 denial-of-service http://secunia.com/advisories/54593/ xentools42<4.2.3 denial-of-service http://secunia.com/advisories/54593/ py{26,27,32,33}-django>=1.5<1.5.4 denial-of-service http://secunia.com/advisories/54815/ py{26,27,32,33}-django<1.4.8 denial-of-service http://secunia.com/advisories/54815/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54857/ firefox<24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox24 firefox17<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9 thunderbird<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.9 seamonkey<2.21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.21 xulrunner17<17.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html xulrunner<24 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html mplayer<1.1.1 remote-data-manipulation http://secunia.com/advisories/54871/ hplip<3.13.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 polkit<0.112 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288 ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54921/ libvirt-0.[0-9]* denial-of-service http://secunia.com/advisories/54804/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54972/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54967/ ruby1{8,9,93}-rubygems<2.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby193-base<1.9.3p448nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby200-base<2.0.0p247nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55122/ vino<3.9.92 denial-of-service http://secunia.com/advisories/54995/ xenkernel41<4.1.6.1nb1 information-leak http://secunia.com/advisories/54838/ xenkernel42<4.2.4 information-leak http://secunia.com/advisories/54838/ xenkernel33-[0-9]* information-leak http://secunia.com/advisories/54838/ librsvg<2.36.4nb6 information-disclosure http://secunia.com/advisories/55088/ gnupg<1.4.15 denial-of-service http://secunia.com/advisories/55071/ gnupg2<2.0.22 denial-of-service http://secunia.com/advisories/55071/ dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-4421 dropbear<2013.59 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2013-4434 nss<3.15.2 uninitialized-memory-read http://secunia.com/advisories/55050/ libtar-[0-9]* data-manipulation http://secunia.com/advisories/55138/ libvirt-1.[0-9]* denial-of-service http://secunia.com/advisories/55202/ libtar<1.2.20 arbitrary-code-execution http://secunia.com/advisories/55188/ ap{2,22}-fcgid<2.3.9 buffer-overflow http://secunia.com/advisories/55197/ vino<3.9.92 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745 libvirt-1.[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54786/ isync<1.0.6 man-in-the-middle-attack http://secunia.com/advisories/55190/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55229/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55239/ modular-xorg-server<1.12.4nb3 system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396 polarssl<1.2.9 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5915 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55293/ py{26,27,32,33}-scipy<0.12.1 privilege-escalation http://secunia.com/advisories/55256/ opera<12.16 unknown-impact http://www.opera.com/docs/changelogs/unified/1216/ sun-{jdk,jre}6<6.0.65 multiple-vulnerabilities http://secunia.com/advisories/55315/ sun-{jdk,jre}7<7.0.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ openjdk7{,-bin}<1.7.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ icu<51.2nb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924 ruby1{8,9,93}-actionmailer<3.2.15 denial-of-service http://secunia.com/advisories/55240/ openldap-server<2.4.39nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449 mysql-server>=5.1<5.1.71 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.5<5.5.33 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.6<5.6.13 multiple-vulnerabilities http://secunia.com/advisories/55327/ nodejs<0.10.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55234/ roundcube<0.9.5 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6172 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55460/ mantis<1.2.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4460 firefox<25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox25 firefox24<24.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.10 seamonkey<2.22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.22 xulrunner17<17.0.10 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html xulrunner<25 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html poppler-utils<0.24.3 format-string http://secunia.com/advisories/55258/ php{53,54,55}-tiki6<6.13 multiple-vulnerabilities http://secunia.com/advisories/55403/ varnish<3.0.5 denial-of-service http://secunia.com/advisories/55452/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55504/ wireshark<1.10.3 multiple-vulnerabilities http://secunia.com/advisories/55492/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55200/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/55200/ python26-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh>=6.2<6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 samba<3.6.20 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 sensitive-information-exposure http://www.samba.org/samba/security/CVE-2013-4476 xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55398/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55398/ blender<2.71 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5105 freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 adobe-flash-plugin<11.2.202.327 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-26.html libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 lighttpd<1.4.34 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559 salt<0.17.1 multiple-vulnerabilities http://secunia.com/advisories/55625/ mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418 mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800 mediawiki<1.21.3 multiple-vulnerabilities http://secunia.com/advisories/55743/ nss<3.15.3 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741 nss<3.14.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605 nss<3.15.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606 drupal<6.29 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 drupal>=7.0<7.24 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 python26<2.6.9 multiple-vulnerabilities http://www.python.org/getit/releases/2.6.9/ nginx>=0.8.41<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 nginx>=1.5<1.5.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 ruby193-base<1.9.3p484 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ ruby200-base<2.0.0p353 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ dovecot>=2<2.2.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171 unrealircd<3.2.10.2 multiple-vulnerabilities http://secunia.com/advisories/55839/ moodle<2.5.3 multiple-vulnerabilities http://secunia.com/advisories/55835/ thunderbird<24.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.1.1 jetty<7.6.14 remote-security-bypass http://secunia.com/advisories/55861/ subversion{,-base}<1.8.5 remote-security-bypass http://secunia.com/advisories/55855/ php{53,54,55}-owncloud<5.0.13 remote-security-bypass http://secunia.com/advisories/55792/ xenkernel42<4.2.4 privilege-escalation http://secunia.com/advisories/55650/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/55802/ openttd<1.3.3 denial-of-service http://secunia.com/advisories/55589/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/55854/ links{,-gui}<2.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050 gimp<2.8.10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978 pixman<0.32.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425 ruby{193,200}-i18n<0.6.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492 libmicrohttpd<0.9.32 multiple-vulnerabilities http://secunia.com/advisories/55903/ ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg010<20140629.0.10.14 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg2<2.2 multiple-vulnerabilities http://secunia.com/advisories/55946/ openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg<1.5.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg<1.5.2 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887 xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 xenkernel41<4.1.6.1nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 typo3<4.5.32 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=4.7<4.7.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.0<6.0.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.1<6.1.7 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ gimp<2.8.10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913 libwebp<0.2.1 remote-system-access http://secunia.com/advisories/55951/ xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 thunderbird<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 seamonkey<2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.23 xulrunner17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner17-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner24<24.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner<26 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html modular-xorg-server<1.12.4nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424 adobe-flash-plugin<11.2.202.332 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-28.html samba>=3.4.0<3.6.22 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 samba>=4<4.1.3 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 net-snmp<5.7.2nb5 denial-of-service http://secunia.com/advisories/55804/ ruby{193,200}-rails<3.2.16 multiple-vulnerabilities http://secunia.com/advisories/55864/ php>=5.3<5.3.28 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.4<5.4.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.5<5.5.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 asterisk>=1.8<1.8.24.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=10.0<10.12.4 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=11.0<11.6.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=1.8<1.8.24.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10.0<10.12.4 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=11.0<11.6.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10<11 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo-[0-9]* cross-site-scripting http://secunia.com/advisories/56099/ wireshark<1.10.4 denial-of-service http://secunia.com/advisories/56097/ qt4-libs<4.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549 gnumeric<1.12.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836 firefox<26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox26 firefox24<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.2 gnupg<1.4.16 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576 py{33,32,27,26}-denyhosts<2.6nb4 denial-of-service http://seclists.org/oss-sec/2013/q4/535 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56245/ ruby{193,200}-will-paginate<3.0.5 cross-site-scripting http://secunia.com/advisories/56180/ ruby{193,200}-nokogiri<1.5.11 denial-of-service http://secunia.com/advisories/56179/ ruby{19,193,200}-puppet<3.4.1 insecure-temp-file http://secunia.com/advisories/56253/ icinga-base<1.8.5 multiple-vulnerabilities https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/ memcached<1.4.17 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239 poppler<0.24.5 denial-of-service http://secunia.com/advisories/56268/ openssl<1.0.1f denial-of-service http://secunia.com/advisories/56286/ graphviz<2.34.0nb4 buffer-overflow http://secunia.com/advisories/55666/ mapserver<6.4.1 arbitrary-sql-injection http://secunia.com/advisories/56155/ nagios-base-<3.5.0nb2 denial-of-service http://secunia.com/advisories/55976/ p5-Proc-Daemon<0.14nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7135 libXfont>=1.1<1.4.6nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 kwallet<4.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252 freerdp-[0-9]* unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791 ntp<4.2.7p26 traffic-amplification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 flite<2.1 local-symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56186/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56352/ py{33,32,27,26}-jinja2<2.7.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1402 bind<9.6.3.1.ESV.10pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.7<9.8.6pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.9<9.9.4pl2 denial-of-service https://kb.isc.org/article/AA-01078 suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6449.html suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6450.html nss<3.15.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 libxslt<1.1.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520 sun-{jdk,jre}7<7.0.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ openjdk7{,-bin}<1.7.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56321/ suse{,32}_x11<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2013-6462.html ejabberd<2.1.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56414/ drupal<6.30 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 drupal>=7.0<7.26 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56525/ moodle<2.5.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0009 moodle<2.5.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0010 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6451 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6452 mediawiki<1.21.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2013-6453 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6454 mediawiki<1.21.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-6472 mysql-server>=5.1<5.1.73 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.5<5.5.35 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.6<5.6.15 multiple-vulnerabilities http://secunia.com/advisories/56491/ jenkins-[0-9]* script-insertion http://secunia.com/advisories/56152/ hplip<3.14.1 multiple-vulnerabilities http://secunia.com/advisories/53644/ mupdf<1.3nb2 buffer-overflow http://secunia.com/advisories/56538/ xenkernel42<4.2.4 memory-corruption http://lists.xen.org/archives/html/xen-announce/2014-01/msg00001.html xenkernel41<4.1.6.1nb6 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html xenkernel42<4.2.4 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html contao211<2.11.14 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao31-[0-9]* php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao32<3.2.5 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 libyaml<0.1.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 p5-YAML-LibYAML<0.41nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 firefox17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox24<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.3 firefox<27 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox27 thunderbird<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.3 seamonkey<2.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.24 xulrunner24<24.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html xulrunner<27 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html libpurple<2.10.8 multiple-vulnerabilities http://secunia.com/advisories/56693/ VLC<2.1.2 remote-system-access http://secunia.com/advisories/56676/ adobe-flash-plugin<11.2.202.335 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-02.html adobe-flash-plugin<11.2.202.336 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-04.html curl>=7.10.6<7.35.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 mpg123>1.14<1.18.0 remote-system-access http://secunia.com/advisories/56729/ apache-tomcat>=6<6.0.39 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 mysql-client<5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.5<5.5.37 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.6<5.6.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mediawiki<1.21.5 multiple-vulnerabilities http://secunia.com/advisories/56695/ ruby{19,193,200}-puppet<3.1.2 denial-of-service http://secunia.com/advisories/56670/ py{33,32,27,26}-denyhosts<2.6nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890 python27<2.7.6nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python32-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python33<3.3.3nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1691 apache-tomcat>=7<7.0.51 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 ap{2,22,24}-subversion<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 python32-[0-9]* denial-of-service http://secunia.com/advisories/56627/ python33<3.3.4 denial-of-service http://secunia.com/advisories/56627/ py{33,32,27,26}-logilab-common-[0-9]* insecure-temp-file http://secunia.com/advisories/56720/ xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 multiple-vulnerabilities http://xenbits.xenproject.org/xsa/advisory-85.html mantis<1.2.16 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-001.html contao211<2.11.14 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao32>=3<3.2.5 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao210-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao29-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao30-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2030 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56838/ ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56847/ gnutls<3.2.11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 php55-gd<5.5.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7226 ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56971/ icinga-base<1.9.5 buffer-overflow https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6/ maradns<2.0.09 denial-of-service http://secunia.com/advisories/57033/ png<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954 flite<1.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 socat<1.7.2.3 buffer-overflow http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt file<5.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 file<5.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56987/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/57066/ freeradius<2 denial-of-service http://secunia.com/advisories/56956/ freeradius>=2<2.2.0nb8 denial-of-service http://secunia.com/advisories/56956/ ruby{193,200}-actionpack<3.2.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081 ruby{193,200}-actionpack<3.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082 adobe-flash-plugin<11.2.202.341 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-07.html phpmyadmin<4.0.10nb1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php phpmyadmin>=4.1<4.1.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php postgresql84-server<8.4.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql90-server<9.0.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql91-server<9.1.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql92-server<9.2.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql93-server<9.3.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ libvirt>=1.0.1<1.2.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=6<6.0.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 apache-tomcat>=6.0.33<6.0.39 session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033 apache-tomcat>=7<7.0.40 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071 apache-tomcat>=7<7.0.47 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=7<7.0.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=7<7.0.50 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 gnutls<3.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 libssh<0.63 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017 typo3-[0-9]* cross-site-scripting http://secunia.com/advisories/57094/ sudo<1.7.10p8 local-security-bypass http://www.sudo.ws/sudo/alerts/env_add.html stunnel<5 multiple-vulnerabilities http://secunia.com/advisories/57118/ net-snmp<5.7.2.1 denial-of-service http://secunia.com/advisories/57124/ icedtea-web<1.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493 png<1.6.10rc01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333 p5-Capture-Tiny<0.24 insecure-temp-file http://secunia.com/advisories/56823/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/57282/ ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/57298/ ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 wireshark<1.10.6 multiple-vulnerabilities http://secunia.com/advisories/57265/ freetype2>=2.4.12<2.5.4 arbitrary-code-execution http://secunia.com/advisories/57291/ asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-003.html asterisk>=12.0<12.1.0 denial-of-service http://downloads.digium.com/pub/security/AST-2014-004.html php{53,54,55}-orangehrm<3.1.2 cross-site-scripting http://secunia.com/advisories/57206/ mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2242 mediawiki<1.22.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2243 mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2244 squid<3.4.4 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2014_1.txt adobe-flash-plugin<11.2.202.346 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-08.html mutt>=1.5<1.5.23 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 lighttpd<1.4.35 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323 lighttpd<1.4.35 path-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324 php{53,54,55}-owncloud<6.0.2 multiple-vulnerabilities http://secunia.com/advisories/57283/ php55-gd<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7327 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 samba-3.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.4<3.6.23 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 imapsync<=1.564 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4279 imapsync<1.584 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2014 gnutls<2.7.6 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138 oath-toolkit<2.4.1 unauthorized-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7322 suse{,32}_openssl<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-4353.html suse{,32}_x11<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-6425.html suse{,32}_libpng<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6954.html suse{,32}_qt4<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-4549.html suse{,32}_libpng>=13.1<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-0333.html php53-gd<5.3.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php54-gd<5.4.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php55-gd<5.5.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 moodle<2.5.5 multiple-vulnerabilities http://secunia.com/advisories/57331/ mutt-kz<1.5.22.1rc1nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 firefox<28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox28 firefox24<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.4 thunderbird<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.4 seamonkey<2.25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.25 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 xulrunner24<24.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html xulrunner<28 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html jansson<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6401 ruby{193,200,21}-rack-ssl<1.3.3nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2538 nss<3.16 multiple-vulnerabilities http://secunia.com/advisories/57465/ openssl>=1.0.1<1.0.1fnb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssh<6.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti<0.8.8c cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7106 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108 php>=5.4<5.4.26nb2 denial-of-service http://secunia.com/advisories/57564/ php>=5.5<5.5.10nb2 denial-of-service http://secunia.com/advisories/57564/ claws-mail-vcalendar<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ claws-mail-rssyl<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ libyaml<0.1.5nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 p5-YAML-LibYAML<0.41nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 curl<7.36.0 multiple-vulnerabilities http://secunia.com/advisories/57434/ couchdb<1.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2668 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7009 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7010 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7014 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7015 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7018 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7023 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099 ffmpeg010<20140310.0.10.12 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 {ap22,ap24}-modsecurity<2.7.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705 a2ps<4.14nb6 multiple-vulnerabilities http://secunia.com/advisories/57663/ sylpheed<3.3.1 buffer-overflow http://secunia.com/advisories/57584/ suse{,32}_openssl<13.1nb3 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0076.html PAM-[0-9]* security-bypass http://secunia.com/advisories/57317/ icinga-base<1.9.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 prosody<0.9.4 denial-of-service http://blog.prosody.im/prosody-0-9-4-released/ lua-expat<1.3.0 denial-of-service http://matthewwild.co.uk/projects/luaexpat/index.html#history openssl>=1.0.1<1.0.1g sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 suse{,32}_openssl>=12.3<13.1nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0160.html cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 adobe-flash-plugin<11.2.202.350 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-09.html jbigkit<2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369 wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ php{53,54,55}-ja-wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ wireshark<1.10.4 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2014-05.html py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{27,26}-imaging<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 py{27,26}-imaging-<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 suse{,32}_libcurl<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2014-0138.html suse{,32}_libcurl<13.1nb3 ssl-certificate-spoofing http://support.novell.com/security/cve/CVE-2014-0139.html dillo<3.0.4 arbitrary-code-execution http://secunia.com/advisories/57797/ openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4289 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4290 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6087 cups<1.5.4nb11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856 openafs<1.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openafs>=1.7<1.7.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openssh<6.6.1nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 file<5.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 nagios-base<3.5.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 qemu>=1.4.0<1.7.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377 libmms<0.6.4 buffer-overflow http://secunia.com/advisories/57875/ sun-{jdk,jre}7<7.0.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA openjdk7{,-bin}<1.7.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA mysql-server>5.5<5.5.37 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL mysql-server>5.6<5.6.17 arbitrary-code-execution http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL qemu<2.0 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 qemu<2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371 rsync<3.1.0nb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855 suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6370.html suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6371.html wireshark<1.10.7 denial-of-service http://secunia.com/advisories/58217/ bugzilla>=4.5<4.5.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.4<4.4.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.2<4.2.8 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.0<4.0.12 spoofing-attack http://secunia.com/advisories/58059/ drupal>=6<6.31 sensitive-information-disclosure http://secunia.com/advisories/58132 drupal>=7<7.27 sensitive-information-disclosure http://secunia.com/advisories/58132 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182 gnustep-base<1.24.0nb11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2980 poco<1.4.6p4 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0350 mediawiki<1.22.6 script-insertion-vulnerability http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-April/000149.html adobe-flash-plugin<11.2.202.356 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-13.html firefox<29 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox29 firefox24<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.5 thunderbird<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.5 seamonkey<2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26 xulrunner24<24.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html xulrunner<29 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html synergy<1.4.14 sensitive-information-disclosure http://synergy-foss.org/blog/synergy-1-4-14/ py{33,32,27,26}-lxml<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146 knot<1.4.5 signature-spoofing https://www.knot-dns.cz/ suse{,32}_openssl<13.1nb6 denial-of-service http://support.novell.com/security/cve/CVE-2010-5298.html suse{,32}_mozilla-nss<13.1nb2 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-1492.html openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 python32-[0-9]* insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python33<3.3.5nb2 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python34<3.4.0nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python32-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7354.html suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7353.html python33<3.3.4rc1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7338 python26-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python27<2.7.6nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python32-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python33<3.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python34<3.4rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 sks<1.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3207 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 libxml2<2.9.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191 suse{,32}_libxml2<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15<5.0.51 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15>=5.0.55<5.0.56 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jre,jdk}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openssl>=1.0.0<1.0.0l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 openssl>=1.0.1<1.0.1f man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 p5-LWP-Protocol-https>=6.04<6.04nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 p5-LWP-Protocol-https>=6.06<6.06nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 jpeg>=6b<6c sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 openjdk7{,-bin}>=1.7.51<1.7.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}7>=7.0.51<7.0.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}8>=8.0.0<8.0.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 fish>=1.16.0<2.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2905 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2906 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2914 fish<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-3856 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 libvirt>=0.7.5<1.2.5 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179 rxvt-unicode<9.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121 mediawiki<1.19.14 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.20<1.21 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.21<1.21.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.22<1.22.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 ruby{193,200,21}-actionpack>=3.2<3.2.18 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130 bind>=9.10<9.10.0pl1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 libvirt<1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336 png<1.5.14beta08 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353 png<1.5.14rc03 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354 py{34,33,32,27,26}-jinja2<2.7.2nb1 temporary-files-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0012 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 adobe-flash-plugin<11.2.202.359 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-14.html suse{,32}_openssl<13.1nb7 denial-of-service http://support.novell.com/security/cve/CVE-2014-0198.html qt4-libs<4.8.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 qt5-qtbase<5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211 ldns<1.6.16nb4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 php53-fpm-[0-9]* local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php54-fpm<5.4.28 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php55-fpm<5.5.12 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 nagios-base-<3.5.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.9.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 dovecot<1.2.17nb15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 dovecot>=2<2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 py{34,33,32,27,26}-django>=1.5<1.6.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django<1.4.13 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django>=1.5<1.6.5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 py{34,33,32,27,26}-django<1.4.13 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 php{53,54,55}-owncloud<6.0.3 unknown-impact http://secunia.com/advisories/58586/ moodle<2.5.6 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.5.6_release_notes suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0209.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0210.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0211.html typo3<4.5.34 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=4.7<4.7.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.0<6.0.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.1<6.1.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ chicken<4.8.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4385 chicken<4.8.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776 apache-tomcat>=6.0<6.0.41 multiple-vulnerabilities http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.41 apache-tomcat>=7.0<7.0.53 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=6.0<6.0.39 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39 apache-tomcat>=7.0<7.0.53 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=7.0<7.0.54 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.54 gnutls<3.2.15 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 webmin<1.690 cross-site-scripting http://freecode.com/projects/webmin/releases/363920 suse{,32}_openssl<13.1nb8 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0195.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-0221.html suse{,32}_openssl<13.1nb8 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-0224.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-3470.html openssl<0.9.8za man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1<1.0.0m man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1.0.1<1.0.1h man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl<0.9.8za arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1<1.0.0m arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1.0.1<1.0.1h arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl<0.9.8za sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssl>=1<1.0.0m sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929 python27<2.7.7nb1 denial-of-service http://seclists.org/oss-sec/2013/q4/558 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 mediawiki<1.22.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 libtasn1<3.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 openpam<20140912 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3879 chkrootkit<0.50 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476 bottle<0.12.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3137 mupdf<1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013 sendmail<8.14.9 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865 firefox<30 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox30 firefox24<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6 thunderbird<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6 xulrunner24<24.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html xulrunner<30 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 nspr<4.10.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-55.html emacs24{,-nox11}<24.5 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423 icinga-base<1.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.10.3 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 tor<0.2.4.20 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 py{34,33,32,27,26}-django>=1.5<1.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{33,32,27,26}-django<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{34,33,32,27,26}-django>=1.5<1.6.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-16.html php{53,54,55}-soycms<=1.4.0c cross-site-scripting http://jvn.jp/en/jp/JVN54650130/index.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-005.html asterisk>=11.0<11.10.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=12.0<12.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=1.8<1.8.28.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=11.0<11.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-008.html libarchive>=2.9<3.1.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779 bind>=9.10<9.10.0pl2 denial-of-service https://kb.isc.org/article/AA-01166/0/CVE-2014-3859%3A-BIND-named-can-crash-due-to-a-defect-in-EDNS-printing-processing.html ruby18-puppet<3.6.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-hiera<1.3.4 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-mcollective<2.5.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 wireshark>=1.10.0<1.10.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2014-07.html ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240 ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242 suse{,32}_base<13.1nb10 denial-of-service http://support.novell.com/security/cve/CVE-2014-4043.html xalan-j>=2.7.0<2.7.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107 gnutls>=3.0<3.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 gnutls>=3.2<3.2.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 lighttpd<1.4.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560 lighttpd>=1.4.24<1.4.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508 suse{,32}_mozilla-nspr<13.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1545.html mysql-client-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel41<4.1.6.1nb1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel42<4.2.5 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html suse{,32}_libdbus<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-3477.html memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528 seamonkey<2.26.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26.1 iodine<0.7.0 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4168 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 p5-Email-Address<1.905 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477 php>=5.4<5.4.30 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 php>=5.5<5.5.14 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 nagios-plugins<2.0.2 sensitive-information-disclosure http://seclists.org/fulldisclosure/2014/May/74 openafs>=1.6.8<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044 gnupg2<2.0.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 gnupg<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 php-5.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo<2.6.3 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4649 kdelibs4<4.13.3 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494 php>=5.4<5.4.30 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.4.30 php>=5.5<5.5.14 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.5.14 php{53,54,55}-owncloud<6.0.4 unknown-impact http://secunia.com/advisories/59543/ python27<2.7.7nb2 directory-traversal http://bugs.python.org/issue21766 python32-[0-9]* directory-traversal http://bugs.python.org/issue21766 python33<3.3.5nb4 directory-traversal http://bugs.python.org/issue21766 python34<3.4.1nb1 directory-traversal http://bugs.python.org/issue21766 lzo<2.0.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 pulseaudio<5.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970 cacti<0.8.8c multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533 libreoffice4>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 libreoffice4-bin>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-17.html suse{,32}_base<13.1nb5 directory-traversal http://support.novell.com/security/cve/CVE-2014-0475.html openttd>=0.3.6<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411 vlc<2.0.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868 vlc<2.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954 dbus>1.6.20<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 dbus<1.6.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 ffmpeg<20140623.1.2.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg2<2.2.4 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php phpmyadmin>=4.1<4.1.14.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php samba>=3.6.6<3.6.24 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 samba>=4.1<4.1.8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 ruby{193,200,21}-activerecord>=3.2<3.2.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482 transmission<2.84 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909 polarssl<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4911 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 ruby1{8,9,93}-rubygems<1.8.23 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2125 ruby1{8,9,93}-rubygems<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby200-base<2.0.0p247nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby193-base<1.9.3p448nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 mit-krb5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 mit-krb5>=1.7<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 mit-krb5>=1.10<1.10.7nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343 mit-krb5>=1.5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4678 drupal>=6<6.32 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 drupal>=7<7.29 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4228 mysql-server>=5.6<5.6.19 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php php>=5.5<5.5.14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php>=5.4<5.4.30 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php<5.3.29 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3532.html suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3533.html apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523 apache>=2.4.6<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 softhsm<1.3.7nb2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 xpdf<3.04 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES ansible<1.6.9 input-validation http://www.ocert.org/advisories/ocert-2014-004.html phpmyadmin<4.2.6 multiple-vulnerabilities http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php firefox<31 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox31 firefox24<24.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7 nss<3.16.2 memory-corruption https://www.mozilla.org/security/announce/2014/mfsa2014-63.html cups<1.7.4 symlink-attack http://www.cups.org/str.php?L4450 exim<4.83 input-validation https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html tor<0.2.4.23 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 tor>=0.2.5<0.2.5.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 mysql-server>=5.6<5.6.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mysql-server>=5.5<5.5.39 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mediawiki<1.22.9 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.22#MediaWiki_1.22.9 suse{,32}_mozilla-nss<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1544.html wireshark<1.10.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html#_bug_fixes kdelibs4<4.14 privilege-escalation http://www.kde.org/info/security/advisory-20140730-1.txt samba>=4<4.1.11 buffer-overflow http://www.samba.org/samba/security/CVE-2014-3560 gpgme<1.4.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564 file<5.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 nginx>=1.5.6<1.6 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.6<1.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.7<1.7.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 php>=5.4<5.4.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php>=5.5<5.5.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php{53,54,55}-owncloud<5.0.17 unspecified http://owncloud.org/changelog/ phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php phpmyadmin>=4.2<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.1<4.1.14.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.0<4.0.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php liblive<20131129 buffer-overflow http://live555.com/liveMedia/public/changelog.txt nss<3.15.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491 nss<3.16 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 gcc{,34,44,45,46,47}-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc3-c++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc48-cc++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc{,34,44,45,46,47}-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc3-c++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc48-cc++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 ruby{18,193,200,21}-puppet<3.3.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=3.4<3.4.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=2.8.4<3.1.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby18-base>=1.8.7<1.8.7.331 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481 curl>=7.27.0<7.35.1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522 openssl>=0.9.8<0.9.8zb multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.0<1.0.0n multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.1<1.0.1i multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt suse{,32}_openssl<13.1nb9 multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 readline>=6.2<6.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524 openssl>=0.9.8<0.9.8y sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.0<1.0.0k sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.1<1.0.1d sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 durupal>=6<6.33 denial-of-service https://www.drupal.org/SA-CORE-2014-004 durupal>=7<7.31 denial-of-service https://www.drupal.org/SA-CORE-2014-004 wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 py{34,33,27,26}-ipython<1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429 serf<1.3.7 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504 subversion-base>=1.8<1.8.10 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522 adobe-flash-plugin<11.2.202.400 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-18.html suse{,32}_libtiff<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-6369.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4341.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4342.html suse{,32}_krb5<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-4343.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4344.html poppler<0.13.3 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110 php-5.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages subversion-base>=1.8<1.8.10 spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 qemu>=1.6<2.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263 py{34,33,27,26}-Pillow<2.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5261 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5262 py{26,27}-moin<1.9.7 script-insertion-vulnerability http://moinmo.in/SecurityFixes mit-krb5>=1.6<1.10.7nb3 buffer-overflow http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2014-001.txt py{27,26}-imaging<1.1.7nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 py{33,32,27,26}-django<1.4.14 multiple-vulnerabilities https://docs.djangoproject.com/en/1.4/releases/1.4.14/ py{33,32,27,26}-django>=1.5<1.6.6 multiple-vulnerabilities https://docs.djangoproject.com/en/1.6/releases/1.6.6/ phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php salt<2014.1.10 data-manipulation http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html squid<3.4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609 bozohttpd<20140708 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5015 procmail<3.22nb4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618 firefox<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox31.1 thunderbird<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird31.1 firefox>31.1<32 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox32 firefox24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.8 thunderbird24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.8 ImageMagick<6.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.9 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 ImageMagick<6.8.8 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php>=5.5<5.5.16 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php54-gd>=5.4<5.4.32 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 php55-gd>=5.5<5.5.16 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 net-snmp>=5.7<5.7.2.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.6<=5.6.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.5<=5.5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.4<=5.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 lua51<5.1.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 lua52>=5.2<5.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 nodejs<0.10.30 denial-of-service http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/ thunderbird24<24.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 thunderbird<31.5.0nb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 seamonkey<2.32.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 libreoffice4<4.3.1 multiple-vulnerabilities http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ dhcpcd<6.4.3 denial-of-service http://advisories.mageia.org/MGASA-2014-0334.html bugzilla<4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1546 libvncserver<0.9.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 file<=5.19 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-3537.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5029.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5030.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5031.html ruby193-base<1.9.3p547nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby200-base<2.0.0p481nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby21-base<2.1.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 libgcrypt<1.5.4 side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270 pppd<2.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 adobe-flash-plugin<11.2.202.406 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-21.html curl<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910A.html curl>7.31.0<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910B.html apache-tomcat>7<7.0.40 script-insertion-vulnerability http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40 suse{,32}_base<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-5119.html suse{,32}_base<13.1nb5 denial-of-service http://support.novell.com/security/cve/CVE-2014-6040.html haproxy<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6269 squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_3.txt squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_4.txt fengoffice<2.7.0 cross-site-scripting http://sourceforge.net/projects/opengoo/files/fengoffice/fengoffice_2.7.0/ wireshark<1.10 denial-of-service https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-009.html asterisk>=11.0<11.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html dbus<1.8.8 arbitrary-code-execution https://bugs.freedesktop.org/show_bug.cgi?id=83622 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=82820 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80559 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=81053 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80919 nodejs<0.10.31 unspecified http://blog.nodejs.org/2014/08/19/node-v0-10-31-stable/ nginx>=1.7<1.7.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 nginx<1.6.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 phpmyadmin<4.2.8.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php moodle<2.7.2 security-bypass https://moodle.org/mod/forum/discuss.php?d=269590 qemu<2.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3615 bash>=4.3<4.3.025 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=4.3<4.3.025nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel41<4.1.6.1nb11 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel42<4.2.5 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel3-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html nss>=3.16.2<3.16.2.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.16.3<3.16.5 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.17<3.17.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html mediawiki<1.23.4 filtering-bypass https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.4 libvncserver-[0-9]* multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html perl<5.20.0nb2 stack-overflow https://www.lsexperts.de/advisories/lse-2014-06-10.txt wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 php{53,54,55}-ja-wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 c-icap<2.6 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-201409-07.xml bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 libvirt>=0.7.5<1.2.5 denial-of-service http://security.libvirt.org/2014/0003.html libvirt<1.2.9 sensitive-information-disclosure http://security.libvirt.org/2014/0004.html mediawiki<1.23.5 cross-site-scripting https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.5 phpmyadmin<4.2.9.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php elasticsearch<1.4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6439 xenkernel41<4.1.6.1nb12 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html xenkernel42<4.2.5nb1 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 qemu<2.1.2 denial-of-service https://lists.gnu.org/archive/html/qemu-stable/2014-09/msg00231.html apache>=2.4<2.4.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3581 exctags<5.8nb1 denial-of-service http://seclists.org/oss-sec/2014/q3/842 php>=5.5<5.5.18 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php55-exif<5.5.18 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php55-xmlrpc<5.5.18 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.4<5.4.34 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php54-exif<5.4.34 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php54-xmlrpc<5.4.34 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.3<5.3.29nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php53-exif<5.3.29nb1 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php53-xmlrpc<5.3.29nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 bugzilla<4.5.6 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.14/ bash>=4.3<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=3.0<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657 kdelibs4<4.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033 jenkins<1.565.3 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 rsyslog<8.4.2 denial-of-service http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ python26-[0-9]* integer-overflow http://bugs.python.org/issue22518 python33<3.3.6 integer-overflow http://bugs.python.org/issue22518 python27<2.7.8nb1 integer-overflow http://bugs.python.org/issue22518 python34<3.4.3 integer-overflow http://bugs.python.org/issue22520 python33<3.3.6 integer-overflow http://bugs.python.org/issue22520 adobe-flash-plugin<11.2.202.411 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-22.html mysql-server>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-client>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL sun-{jdk,jre}7<7.0.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA openjdk7<1.7.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA durupal>=7<7.32 sql-injection https://www.drupal.org/SA-CORE-2014-005 openssl>=0.9.8<0.9.8zc multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.0<1.0.0o multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.1<1.0.1j multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt wpa_supplicant<2.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 getmail<4.46.0 spoofing http://pyropus.ca/software/getmail/CHANGELOG libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html python27<2.7.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185 suse{,32}_base<13.1nb6 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710 libpurple<2.10.10 ssl-certificate-spoofing http://pidgin.im/news/security/?id=86 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=87 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=88 libpurple<2.10.10 sensitive-information-disclosure http://pidgin.im/news/security/?id=90 phpmyadmin<4.2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php claws-mail<3.10.0 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576 ejabberd<14.07nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760 wget<1.16 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877 ruby193-base<1.9.3p550 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby200-base<2.0.0p594 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby21-base<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 tnftp<20141031 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517 wireshark<1.10.11 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714 thunderbird<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird/#thunderbird31.2 firefox>31<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox-esr/#firefoxesr31.2 libreoffice4>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ suse{,32}_openssl<13.1nb10 multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689 qemu<2.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 konversation>=1.5<1.5.1 denial-of-service http://openwall.com/lists/oss-security/2014/10/26/1 ffmpeg1<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/60739/ ffmpeg2<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/60739/ curl>=7.17.1<7.39.0 sensitive-information-disclosure http://curl.haxx.se/docs/adv_20141105.html ap{22,24}-auth-mellon<0.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566 ap{22,24}-auth-mellon<0.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567 libvirt<1.2.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131 adobe-flash-plugin<11.2.202.418 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-24.html gnutls>=3.3<3.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.2<3.2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.1<3.1.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 php{53,54,55}-owncloud<5.0.18 unspecified http://owncloud.org/releases/Changelog php{53,54,55}-owncloud>=6.0<6.0.6 unspecified http://owncloud.org/releases/Changelog krfb<4.14.3 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html ImageMagick<6.8.9.9 multiple-vulnerabilities http://secunia.com/advisories/61943/ GraphicsMagick<1.3.21 heap-overflow http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7202 zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7203 tcpdump>=3.8<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8769 tcpdump>=3.5.0<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8768 tcpdump>=3.9.6<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8767 xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle-2.7 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle-2.7.2 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.5<2.5.9 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.6<2.6.6 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.7<2.7.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 clamav<0.98.5 denial-of-service https://bugzilla.clamav.net/show_bug.cgi?id=11088 drupal>=6<6.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 drupal>=7<7.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 asterisk>=1.8<1.8.32.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-017.html asterisk>=1.8<1.8.32.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ php{53,54,55}-ja-wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ dbus<1.8.10 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 suse{,32}_libdbus-[0-9]* denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 mit-krb5<1.10.7nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351 ruby193-base<1.9.3p551 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby200-base<2.0.0p598 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby21-base<2.1.5 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php phpmyadmin<4.2.12 local-file-reading http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php ImageMagick<6.8.9.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716 flac<1.3.1 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-008.html qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 adobe-flash-plugin<11.2.202.424 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-26.html phpmyadmin<4.2.12 input-validation http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php pcre<8.36nb1 denial-of-service http://bugs.exim.org/show_bug.cgi?id=1546 gcpio-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112 libksba<1.3.2 heap-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html clamav<0.98.5 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050 mediawiki<1.23.7 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7 icecast<2.4.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018 mantis<1.2.18 arbitrary-code-execution http://seclists.org/oss-sec/2014/q4/576 mantis<1.2.18 cross-site-scripting http://seclists.org/oss-sec/2014/q4/617 mantis<1.2.18 multiple-vulnerabilities http://seclists.org/oss-sec/2014/q4/577 mantis<1.2.18 sensitive-information-disclosure http://seclists.org/oss-sec/2014/q4/623 mantis<1.2.18 sql-injection http://seclists.org/oss-sec/2014/q4/795 p5-Plack<1.0031 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5269 python{26,33}-[0-9]* arbitrary-code-execution http://bugs.python.org/issue22885 python27<2.7.9nb1 arbitrary-code-execution http://bugs.python.org/issue22885 python34<3.4.3 arbitrary-code-execution http://bugs.python.org/issue22885 libyaml<0.1.6 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 p5-YAML-LibYAML<0.54 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 graphviz<2.38.0nb3 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9157 p5-Mojolicious<5.48 parameter-injection http://advisories.mageia.org/MGASA-2014-0488.html libjpeg-turbo<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092 jasper<1.900.1nb8 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html nss<3.17.3 security-bypass https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes phpmyadmin<4.2.13.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php phpmyadmin<4.2.13.1 denial-of-service http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php wpa_supplicant<2.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 mutt<1.5.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 gettext-tools<0.19.4 denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769901 opera<26 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unified/2600/ firefox>=33<34 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox34 seamonkey<2.31 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.31 thunderbird<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.3 firefox31>=31<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.3 openvpn<2.3.6 denial-of-service https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b mpfr<3.1.2pl11 buffer-overflow http://www.mpfr.org/mpfr-3.1.2/#p11 getmail>=4.0.0<4.43.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7273 getmail>=4.44.0<4.45.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7274 getmail>=4.0.0<4.44.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7275 qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106 bind>=9.0<9.9.6pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 bind>=9.10<9.10.1pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 ap{22,24}-py{34,33,27,26}-wsgi<4.2.4 security-bypass http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html xenkernel42<4.2.5nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-114.html adobe-flash-plugin<11.2.202.425 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-27.html binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17510 binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17552 php{53,54,55,56}-concrete5<5.7.4.2 cross-site-scripting http://morxploit.com/morxploits/morxconxss.txt ghostscript-gpl<9.06nb3 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html asterisk>=11.0<11.14.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=12.0<12.7.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=13.0<13.0.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html modular-xorg-server<1.12.4nb6 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ pdns-recursor<3.6.2 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ unbound<1.4.22nb1 denial-of-service http://www.unbound.net/downloads/CVE-2014-8602.txt libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 ffmpeg2<2.5 multiple-vulnerabilities http://ffmpeg.org/security.html typo3>=4.5.0<4.5.37 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.7.0<4.7.20 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=6.1.0<6.1.11 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.5.0<4.5.39 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=4.7.0<4.7.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=6.1.0<6.1.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ rpm<4.11.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435 rpm<4.12.0.1nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118 libyaml<0.1.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 p5-YAML-LibYAML<0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 python26-[0-9]* security-bypass http://bugs.python.org/issue22417 python27<2.7.9 security-bypass http://bugs.python.org/issue22417 python33-[0-9]* security-bypass http://bugs.python.org/issue22417 python34<3.4.3 security-bypass http://bugs.python.org/issue22417 suse{,32}_gtk2<13.1nb4 arbitrary-code-execution http://lists.opensuse.org/opensuse-updates/2014-12/msg00062.html git-base<2.2.1 client-code-execution-from-hostile-server http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7401 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7402 ruby{193,200,215}-mcollective<2.5.3 security-bypass http://puppetlabs.com/security/cve/cve-2014-3251 ettercap-[0-9]* multiple-vulnerabilities https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771 heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844 rrdtool<1.4.9 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2131 ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-3580-advisory.txt ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-8108-advisory.txt ruby{193,200,215}-puppet<3.7.1 sensitive-information-disclosure http://puppetlabs.com/security/cve/cve-2014-9355 php>=5.4<5.4.36 denial-of-service http://php.net/ChangeLog-5.php#5.4.36 mit-krb5>=1.5<1.10.7nb3 multiple-vulnerabilities http://web.mit.edu/kerberos/krb5-1.12/ libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136 varnish<3.0.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0345 varnish<3.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484 jasper<1.900.1nb9 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html ghostscript-gpl<9.06nb4 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html php>=5.5<5.5.20 denial-of-service http://php.net/ChangeLog-5.php#5.5.20 php>=5.6<5.6.4 denial-of-service http://php.net/ChangeLog-5.php#5.6.4 ntp<4.2.8 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141 unzip<6.0nb2 denial-of-service http://seclists.org/oss-sec/2014/q4/1131 sox<1.14.2 heap-overflow http://www.ocert.org/advisories/ocert-2014-010.html mediawiki<1.24.1 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.8 libssh<0.64 multiple-vulnerabilities http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ exiv2<0.25 heap-overflow http://dev.exiv2.org/issues/960 libsndfile<1.0.25nb2 multiple-vulnerabilities http://secunia.com/advisories/61132 wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-03.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-04.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-05.html ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682 ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26699 libreoffice4>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 libreoffice4-bin>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 apache>=2.4<2.4.10nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109 gnupg2<2.0.26 arbitrary-code-execution http://secunia.com/advisories/61939/ png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 libevent<2.0.22 integer-overflow https://raw.githubusercontent.com/libevent/libevent/release-2.0.22-stable/ChangeLog arc-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-9275 privoxy<3.0.22 multiple-vulnerabilities http://secunia.com/advisories/62123 zoneminder<1.28.0 system-compromise https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.0 curl>=7.31.0<7.39.0nb1 security-bypass http://curl.haxx.se/docs/adv_20150108B.html lftp<4.4.6nb4 ssl-certificate-spoofing https://github.com/lavv17/lftp/issues/116 webmin<1.730 sensitive-information-disclosure http://www.webmin.com/changes.html pwgen<2.07 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440 pwgen<2.07 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442 mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 openssl>=0.9.8<0.9.8zd multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.0<1.0.0p multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.1<1.0.1k multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt mantis<1.2.19 multiple-vulnerabilities https://www.mantisbt.org/bugs/changelog_page.php?version_id=238 adobe-flash-plugin<11.2.202.429 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-01.html chicken<4.9.0.2 multiple-vulnerabilities http://lists.gnu.org/archive/html/chicken-announce/2015-01/msg00001.html firefox>=34<35 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox35 seamonkey<2.32 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.32 thunderbird<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.4 firefox31>=31<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.4 py{33,32,27}-django>=1.5<1.7.3 multiple-vulnerabilities https://docs.djangoproject.com/en/1.7/releases/1.7.3/ samba>=4<4.1.16 security-bypass https://www.samba.org/samba/security/CVE-2014-8143 asterisk>=12.0<12.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=13.0<13.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=1.8<1.8.32.2 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=11.0<11.15.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=12.0<12.8.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=13.0<13.1.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html djvulibre-tools-[0-9]* insecure-temp-file https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775193 xdg-utils>=1.1.0-rc2<1.1.0-rc4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278612 moodle>=2.8<2.8.2 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=278613 moodle>=2.8<2.8.2 information-leak https://moodle.org/mod/forum/discuss.php?d=278614 moodle>=2.8<2.8.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=278615 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278616 moodle>=2.8<2.8.2 denial-of-service https://moodle.org/mod/forum/discuss.php?d=278617 kde-workspace-[0-9]* sensitive-information-disclosure https://www.kde.org/info/security/advisory-20150122-2.txt websvn-[0-9]* symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6892 py{34,33,27,26}-Pillow<2.7.0 denial-of-service http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits ffmpeg2<2.5.2 multiple-vulnerabilities http://ffmpeg.org/security.html mysql-server>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-server>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL sympa<6.1.24 remote-file-access https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting_cve-2015-1306 jasper<1.900.1nb10 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html adobe-flash-plugin<11.2.202.438 security-bypass http://helpx.adobe.com/security/products/flash-player/apsb15-02.html adobe-flash-plugin<11.2.202.440 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-03.html sun-{jdk,jre}7<7.0.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA openjdk7<1.7.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA rabbitmq<3.4.1 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.1.txt polarssl-[0-9]* arbitrary-code-execution https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 bugzilla<4.4.7 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.15/ libvirt<1.2.12 security-bypass http://security.libvirt.org/2015/0001.html webkit-gtk<2.4.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0001.html privoxy<3.0.23 multiple-vulnerabilities http://secunia.com/advisories/62147/ clamav<0.98.6 multiple-vulnerabilities http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html adobe-flash-plugin<11.2.202.442 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-04.html php{53,54,55}-piwigo<2.5.6 sql-injection http://piwigo.org/forum/viewtopic.php?id=25016 rabbitmq<3.4.3 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.3.txt mit-krb5<1.10.7nb5 multiple-vulnerabilities http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923 icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926 ntp<4.2.8p1 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 squid<3.4.12 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 squid>=3.5.0<3.5.2 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829 openldap>=2.4.13<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 openldap<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 moodle<2.8.3 directory-traversal http://www.secunia.com/advisories/62769/ php>=5.4<5.4.36 http-response-splitting http://secunia.com/advisories/62831 php>=5.5<5.5.22 http-response-splitting http://secunia.com/advisories/62831 php>=5.6<5.6.6 http-response-splitting http://secunia.com/advisories/62831 postgresql90-server<9.0.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql91-server<9.1.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql92-server<9.2.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql93-server<9.3.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql94-server<9.4.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql90-pgcrypto<9.0.19 buffer-overrun http://secunia.com/advisories/62806 postgresql91-pgcrypto<9.1.15 buffer-overrun http://secunia.com/advisories/62806 postgresql92-pgcrypto<9.2.10 buffer-overrun http://secunia.com/advisories/62806 postgresql93-pgcrypto<9.3.6 buffer-overrun http://secunia.com/advisories/62806 postgresql94-pgcrypto<9.4.1 buffer-overrun http://secunia.com/advisories/62806 ghostscript-gpl<9.06nb4 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html e2fsprogs<1.42.12 heap-overflow http://www.ocert.org/advisories/ocert-2015-002.html vorbis-tools<1.4.0nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 apache-tomcat>=7.0<7.0.55 security-bypass http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55 apache-tomcat>=6.0<6.0.43 security-bypass http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.43 modular-xorg-server<1.12.4nb8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255 cabextract<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556 ruby{18,193,200,215}-facter<2.4.1 information-leakage http://puppetlabs.com/security/cve/cve-2015-1426 elasticsearch<1.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1427 ruby18-base>=1.8.7<1.8.7.374nb2 denial-of-service http://secunia.com/advisories/62920 antiword<0.37nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8123 cups<2.0.2 buffer-overflow https://www.cups.org/str.php?L4551 contao33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao32<3.2.19 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao33<3.3.7nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao34<3.4.4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 jabberd>=2<999 information-disclosure https://github.com/jabberd2/jabberd2/issues/85 py{25,26,27,33,34}-django<1.6.6 multiple-vulnerabilities http://secunia.com/advisories/60181/ ffmpeg1<1.2.11 multiple-vulnerabilities http://secunia.com/advisories/62968/ ffmpeg2<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/62968/ gnupg2<2.0.27 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/02/13/14 roundcube<1.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1433 gcpio<2.13 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197 sun-j{re,dk}7<7.0.71 multiple-vulnerabilities http://secunia.com/advisories/62516 sudo<1.7.10p9 arbitrary-file-access http://www.sudo.ws/sudo/alerts/tz.html patch>=2.7.1<2.7.3 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/189 zoneminder<1.28.1 security-bypass http://secunia.com/advisories/62918/ php>=5.4<5.4.37nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.5<5.5.21nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.6<5.6.5nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php{53,54,55,56}-piwigo<2.7.4 sql-injection http://seclists.org/fulldisclosure/2015/Feb/73 bind>=9.7.0<9.9.6pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 bind>=9.10.1<9.10.1pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 cabextract<1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-2060 suse{,32}_base<13.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 typo3>=4.5.0<4.5.39 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-001/ lame<3.99.5nb2 arbitrary-code-execution http://secunia.com/advisories/62995/ php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.4<5.4.36 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.5<5.5.20 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.6<5.6.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 ffmpeg2<2.5.4 unknown http://secunia.com/advisories/62944 ffmpeg1<1.2.12 unknown http://secunia.com/advisories/63009 clamav<0.96.6 denial-of-service http://secunia.com/advisories/62443 sun-{jdk,jre}7>=6.0.85<6.0.86 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}7>=7.0.72<7.0.73 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355 php>=5.4<5.4.36 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.5<5.5.20 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.6<5.6.4 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.4<5.4.37 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.5<5.5.21 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.6<5.6.5 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 mysql-client>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-server>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL suse{,32}_krb5-[0-9]* denial-of-service http://www.secunia.com/advisories/62976 openjdk7-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.6<3.6.25 unexpected-code-execution https://www.samba.org/samba/security/CVE-2015-0240 ruby{18,193,200,215}-redcloth-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6684 xdg-utils<1.1.1 command-injection https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777722 xentools45<4.5.0nb2 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools42<4.2.5nb3 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools41-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools33-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-hvm-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel45<4.5.0nb2 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel42<4.2.5nb5 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel41<4.1.6.1nb15 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel33-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel3-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933 suse{,32}_base<13.1nb8 denial-of-service http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html firefox31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 xulrunner31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 thunderbird<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.5 firefox>=35.0.1<36 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox36 dojo<1.10.3 multiple-vulnerabilities http://dojotoolkit.org/blog/dojo-security-advisory-2014-12-08 p5-gtk2-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3173 rt4<4.2.10 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/rt-4210-released.html rt<3.8.17nb4 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html tcllib<1.15nb1 cross-site-scripting http://core.tcl.tk/tcllib/tktview/09110adc430de8c91d26015f9697cdd099755e63 tcl-snack-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303 glusterfs<3.5.3 denial-of-service https://github.com/gluster/glusterfs/blob/v3.5.3/doc/release-notes/3.5.3.md gnupg<1.4.19 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html libgcrypt<1.6.3 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html jenkins<1.596.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27 qt4-libs<4.8.6nb4 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html qt5-qtbase<5.4.0nb1 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html unace-[0-9]* buffer-overflow https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003 gnats<4.2.0 local-privilege-escalation http://permalink.gmane.org/gmane.org.fsf.announce/2284 py{26,27}-rope-[0-9]* remote-code-execution https://github.com/python-rope/rope/issues/105 wireshark<1.10.13 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 tcpdump<4.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155 librsvg<2.40.8 denial-of-service https://download.gnome.org/sources/librsvg/2.40/librsvg-2.40.8.news libssh2<1.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782 cups-filters<1.0.66 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336 cups-filters<1.0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337 opera<28 unknown-impact http://www.opera.com/docs/changelogs/unified/2800/ suse{,32}_freetype2-<13.1nb2 multiple-vulnerabilities http://www.suse.com/support/update/announcement/2015/suse-su-20150463-1.html adobe-flash-plugin<11.2.202.451 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-05.html py{26,27,33,34}-django<1.7.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241 percona-toolkit<2.2.13 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804 phpmyadmin<4.3.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php openssl>0.9.8<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.1<1.0.1m multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.2<1.0.2a multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=12.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=13.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ avr-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ binutils-mips-current<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ freemint-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-elf-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-hms-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ mingw-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ nios2-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ cross-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ xerces-c<3.1.2 multiple-vulnerabilities http://secunia.com/advisories/63516/ firefox<36.0.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox<36.0.4 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ firefox31<31.5.2 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox31<31.5.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ icu<55.1 integer-overflow http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654 nodejs<0.10.37 privilege-escalation http://blog.nodejs.org/2015/03/14/node-v0-10-37-stable tiff<4.0.4beta multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=10.0 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=12.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=13.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html putty<0.64 privacy-leak http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html ffmpeg2<2.5.1 use-after-free http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933 gnutls<3.1.0 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-0282 gnutls<3.3.13 ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2015-0294 moodle>=2.6<2.6.8 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=2.7<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=3.8<3.8.3 multiple-vulnerabilities http://secunia.com/advisories/62957/ lasso<2.4.1 denial-of-service http://secunia.com/advisories/63310/ cups-filters<1.0.66 remote-code-execution http://secunia.com/advisories/63033/ file<5.21 multiple-vulnerabilities http://secunia.com/advisories/63423/ file<5.22 denial-of-service https://www.debian.org/security/2015/dsa-3196 php>=5.4<5.4.39 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.5<5.5.23 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.6<5.6.7 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html py{26,27,33,34}-django>=1.4<1.4.20 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.6<1.6.11 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.7<1.7.7 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ python27<2.7.7 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.6 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python34<3.4.1 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.4 denial-of-service http://seclists.org/oss-sec/2013/q4/558 python34<3.4.0 denial-of-service http://seclists.org/oss-sec/2013/q4/558 drupal>=6<6.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 drupal>=7<7.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 suse{,32}_base>=10.0<13.1nb9 invalid-file-descriptor-reuse http://www.openwall.com/lists/oss-security/2015/01/28/20 suse{,32}_base>=10.0<13.1nb9 buffer-overrun http://www.openwall.com/lists/oss-security/2015/02/04/1 libzip<0.11.2nb1 integer-overflow http://www.openwall.com/lists/oss-security/2015/03/18/1 py{26,27,34,35,36}-mercurial<3.2.4 command-injection http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html php>5.5<5.5.22 use-after-free https://bugs.php.net/bug.php?id=68901 php>5.6<5.6.6 use-after-free https://bugs.php.net/bug.php?id=68901 tor>=0.2.4<0.2.4.26 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html tor>=0.2.5<0.2.5.11 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html gnupg<1.4.19 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html gnupg2<2.0.27 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html php>=5.4<5.4.39 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.39 php>=5.5<5.5.23 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.23 php>=5.6<5.6.7 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.7 mono>=3<3.12.1 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/869 jenkins<1.596.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23 qemu<2.3.0 denial-of-service https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html suse{,32}_qt4-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html e2fsprogs<1.42.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572 py{26,27,33,34}-numpy<1.9.2 insecure-temp-file https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15 libtasn1<4.4 stack-overflow http://lists.gnu.org/archive/html/help-libtasn1/2015-03/msg00002.html nginx>=1.5<1.5.12 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html nginx>=1.3.15<1.4.7 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9706 py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838 shibboleth-sp<2.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2684 mailman<2.1.20 input-validation https://mail.python.org/pipermail/mailman-announce/2015-March/000207.html stunnel<5.14 security-bypass http://www.stunnel.org/pipermail/stunnel-announce/2015-March/000096.html subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0202-advisory.txt ap{22,24}-subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0248-advisory.txt ap{22,24}-subversion<1.8.13 spoofing http://subversion.apache.org/security/CVE-2015-0251-advisory.txt mediawiki<1.24.2 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.24#MediaWiki_1.24.2 xentools45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools42<4.2.5nb4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools41<4.1.6.1nb7 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-hvm-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html apache-cassandra<2.1.4 remote-code-execution http://www.openwall.com/lists/oss-security/2015/04/01/6 firefox<37 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37 firefox<37.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37.0.1 firefox31<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.6 thunderbird<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.6 tor<0.2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2928 ntp<4.2.8p2 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 ntp<4.2.8p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 pigz<2.3.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1191 chrony<1.31.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1853 asterisk>=1.8<1.8.32.3 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=11.0<11.17.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=12.0<12.8.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=13.0<13.3.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html dpkg<1.16.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840 icecast<2.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026 php55-gd<5.5.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 php56-gd<5.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 gd<2.1.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 arj<3.10.22nb2 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0556 arj<3.10.22nb2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0557 arj<3.10.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2782 coreutils<8.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 less<475 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9488 gtk3+<3.11.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949 erlang<17.0 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693 xlockmore{,-lite}<5.45 security-bypass http://calypso.tux.org/pipermail/xlock-announce/2014/000059.html jetty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254 wesnoth<1.12.2 remote-file-read https://bugs.mageia.org/show_bug.cgi?id=15685 php{53,54,55,56}-orangehrm-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/535245 tor>=0.2.4.0<0.2.4.27 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released tor>=0.2.5.0<0.2.5.12 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released socat<1.7.3.0 denial-of-service http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt xenkernel45<4.5.0nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-127.html xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html libX11<1.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7439 chrony<1.31.1 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3222 php>=5.4<5.4.40 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.40 php>=5.5<5.5.24 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.24 php>=5.6<5.6.8 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.8 qt4-libs<4.8.7 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html qt5-libs<5.4.2 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html suse{,32}_qt4-[0-9]* multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html adobe-flash-plugin<11.2.202.457 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-06.html ruby200-base<2.0.0p645 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby21-base<2.1.6 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby22-base<2.2.2 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ libX11<1.5.1 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/ sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk7<1.7.80 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk8<1.8.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA libxml2<2.9.2nb2 denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1211278 #not applicable: mod_copy not enabled and no option to enable it #proftpd-[0-9]* security-bypass http://bugs.proftpd.org/show_bug.cgi?id=4169 sqlite3<3.8.9 multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html suse{,32}_sqlite3-[0-9]* multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html icecast<2.4.2 denial-of-service http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html ruby18-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby193-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby200-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby215-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 gst-plugins0.10-bad-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3225 pppd<2.4.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 gnutls<3.3.14 arbitrary-code-execution http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8077 libksba<1.3.3 multiple-vulnerabilities https://blog.fuzzing-project.org/7-Multiple-vulnerabilities-in-GnuPG,-libksba-and-GpgOL-TFPA-0032015.html openssl>=1.0.2<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 suse{,32}_openssl<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 mysql-server>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL mysql-client>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL libxml2<2.9.2nb3 arbitrary-memory-access https://bugzilla.gnome.org/show_bug.cgi?id=746048 firefox<37.0.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ p5-Module-Signature<0.75 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q2/59 xenkernel42<4.2.5nb8 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html xenkernel45<4.5.1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html curl>=7.37.0<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422A.html curl>=7.10.6<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422B.html curl>=7.10.6<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422C.html curl>=7.37.0<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422D.html wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ php{53,54,55}-ja-wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ salt<2014.7.4 symlink-attack http://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html net-snmp<5.7.3nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-5621 wpa_supplicant>=1.0<2.5 heap-overflow http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt dnsmasq<2.73rc4 arbitrary-memory-access https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/ pdns-recursor<3.7.2 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ powerdns<3.4.4 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ file<5.22nb1 denial-of-service https://github.com/file/file/commit/3046c231e1a2fcdd5033bea0603c23f435a00bd7 t1utils<1.39 buffer-overflow https://github.com/kohler/t1utils/issues/4 magento-[0-9]* multiple-vulnerabilities http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/ libreoffice4<4.4.2.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ libreoffice4-bin<4.4.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ php{53,54,55}-ja-wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ librsync<1.0.0 weak-hash https://github.com/librsync/librsync/issues/5 elasticsearch>1.4<=1.4.4 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released elasticsearch>1.5<=1.5.2 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released glusterfs<3.5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 glusterfs-3.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 ffmpeg<2.6.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 horde<5.2.5 cross-site-scripting http://lists.horde.org/archives/announce/2015/001088.html imp<6.2.8 cross-site-scripting http://lists.horde.org/archives/announce/2015/001089.html mysql-client<5.7.3 ssl-downgrade http://www.ocert.org/advisories/ocert-2015-003.html libarchive<3.1.2nb1 denial-of-service https://github.com/libarchive/libarchive/issues/502 clamav<0.98.7 multiple-vulnerabilities http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release libtasn1<4.5 heap-overflow https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html squid<3.5.4 ssl-cert-spoofing http://www.squid-cache.org/Advisories/SQUID-2015_1.txt curl>=7.1<7.42.1 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150429.html libssh<0.65 double-free https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/ p5-XML-LibXML<2.0119 remote-file-read http://seclists.org/oss-sec/2015/q2/313 mariadb-server<5.5.43 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ pound<2.7 man-in-the-middle-attack https://www.debian.org/security/2015/dsa-3253 apache-tomcat>=6.0<6.0.44 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=7.0<7.0.55 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=8.0<8.0.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 salt<2015.5.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/05/02/1 wpa_supplicant<2.5 multiple-vulnerabilities http://seclists.org/bugtraq/2015/May/77 icu<55.1 multiple-vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt postgresql9{0,1,2,3,4}-postgis2<2.1.3 security-bypass http://postgis.net/2014/05/19/postgis-2.0.6_and_2.1.3 libraw<0.16.1 denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html ruby{193,200,215}-redcarpet<3.2.3 cross-site-scripting http://openwall.com/lists/oss-security/2015/04/07/11 dcraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html gimp-ufraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html adobe-flash-plugin<11.2.202.460 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-09.html wireshark<1.10.14 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.14.html firefox<38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 firefox31<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.7 firefox36-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ thunderbird<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 firefox24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh<6.6.1nb6 heap-overflow http://www.openwall.com/lists/oss-security/2015/05/16/3 php{54,55,56}-concrete5<5.7.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2250 testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release p5-Module-Signature<0.75 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/04/07/1 phpmyadmin<4.3.13.1 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php qemu<2.2.1nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 qemu>=2.3.0<2.3.0nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 xentools42<4.2.5nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html xentools45<4.5.0nb4 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html apache-tomcat>=6.0<6.0.44 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E apache-tomcat>=7.0<7.0.59 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E apache-tomcat>=8.0<8.0.18 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E php>=5.4<5.4.41 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.41 php>=5.5<5.5.25 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.25 php>=5.6<5.6.9 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.9 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9718 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2756 fcgi<2.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6687 ipsec-tools<0.7.3nb3 null-dereference https://www.altsci.com/ipsec/ipsec-tools-sa.html zeromq<4.0.6 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 zeromq>=4.1.0<4.1.1 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 moodle>=2.8<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.7<2.7.8 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.6<2.6.11 multiple-vulnerabilities http://secunia.com/advisories/64167/ avidemux-[0-9]* multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0233.html libntfs-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 fuse-ntfs-3g-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 postgresql90-server<9.0.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql91-server<9.1.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql92-server<9.2.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql93-server<9.3.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql94-server<9.4.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ pgbouncer<1.5.5 denial-of-service http://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/ cups<2.0.3 privilege-escalation http://www.cups.org/str.php?L4609 php>=5.4<5.4.42nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.5<5.5.26nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.6<5.6.10nb1 use-after-free https://bugs.php.net/bug.php?id=69737 elasticsearch<1.6.0 unknown-impact https://www.elastic.co/blog/elasticsearch-1-6-0-released concrete5<5.7.4.1 sql-injection http://karmainsecurity.com/KIS-2015-03 concrete5<5.7.4 cross-site-scripting http://karmainsecurity.com/KIS-2015-02 concrete5<5.7.4 remote-code-execution http://karmainsecurity.com/KIS-2015-01 openssl>1.0.1<1.0.1n multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt openssl>1.0.2<1.0.2b multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt jdbc-mysql<5.1.35 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575 xentools42<4.2.5nb12 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html xentools45<4.5.3 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html qemu<2.4.0 heap-overflow https://lists.gnu.org/archive/html/qemu-devel/2015-06/msg02847.html qemu<2.4.0 denial-of-service http://www.openwall.com/lists/oss-security/2015/05/23/4 xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools3-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools33-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools41-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html ffmpeg2<2.6.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 ffmpeg2<2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3417 sqlite3<3.8.9 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 p7zip-9.20.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038 suse{,32}_base>=13.1<13.1nb9 privilege-escalation http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html drupal>=6<6.36 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 drupal>=7<7.38 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 cacti<0.8.8d sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665 libmimedir-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3205 wpa_supplicant<2.5 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145 xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143 adobe-flash-plugin<11.2.202.466 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-11.html libxml2<2.9.2 denial-of-service https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df nginx>=1.6<1.6.2 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html nginx>=1.7<1.7.5 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html mantis<1.2.16 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=275 freeradius<2.2.8 invalid-crl-checks http://www.ocert.org/advisories/ocert-2015-008.html adobe-flash-plugin<11.2.202.468 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-14.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617A.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617B.html wireshark<1.12.6 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html ruby{18,193,200,215}-rubygems<2.4.8 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4020 cryptopp-[0-9]* sensitive-information-exposure http://www.mail-archive.com/cryptopp-users@googlegroups.com/msg07835.html haproxy<1.5.14 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3281 openssl<1.0.1o signature-forgery https://www.openssl.org/news/secadv_20150709.txt openssl>1.0.2<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt suse{,32}_openssl<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt geeklog>=2.1.0<2.1.0nb1 cross-site-scripting https://www.geeklog.net/article.php/file-manager-vulnerability contao34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libwmf<0.2.8.4nb16 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0848 libwmf<0.2.8.4nb16 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4696 fuse>=2.0<2.9.4 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3202 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4695 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4588 firefox<39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39 firefox31<31.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 firefox38<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.1 thunderbird<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 thunderbird31-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 nss<3.19.1 ssl-downgrade https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes bind>=9.7.1<9.9.7pl1 denial-of-service https://kb.isc.org/article/AA-01267 bind>=9.10.1<9.10.2pl2 denial-of-service https://kb.isc.org/article/AA-01267 adobe-flash-plugin<11.2.202.481 use-after-free https://helpx.adobe.com/security/products/flash-player/apsb15-16.html cups-filters<1.0.71 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3279 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 ntp<4.2.8p3 multiple-vulnerabilities http://bugs.ntp.org/show_bug.cgi?id=2853 nodejs<0.12.6 memory-corruption http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/ adobe-flash-plugin<11.2.202.491 remote-hijacking https://helpx.adobe.com/security/products/flash-player/apsa15-04.html py{26,27,33,34}-django>=1.4<1.4.21 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.7<1.7.9 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.8<1.8.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ cacti<0.8.8d cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967 ruby{18,193,200,21,22}-redcarpat<3.3.2 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147 elasticsearch<1.6.1 remote-code-execution https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 elasticsearch>=1.0.0<1.6.1 directory-traversal https://discuss.elastic.co/t/elasticsearch-directory-traversal-vulnerability-cve-2015-5531/25737 mysql-server>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-server>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL db5-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixBDB sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA oracle-{jdk,jre}8<8.0.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk8<1.8.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA xentools41-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html tidy>=20000804<20091027nb6 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/07/15/3 apache>=2.2<2.2.31 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3185 cacti<0.8.8e sql-injection http://www.openwall.com/lists/oss-security/2015/07/18/4 openssh<6.9.1nb1 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600 expat<2.1.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 bind>=9.7.1<9.9.7pl2 denial-of-service https://kb.isc.org/article/AA-01272 bind>=9.10.1<9.10.2pl3 denial-of-service https://kb.isc.org/article/AA-01272 dhcpcd<6.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7912 dhcpcd<6.10.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913 xmltooling<1.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt opensaml<2.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt wordpress<4.2.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3440 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 squid<3.5.6 security-bypass http://www.squid-cache.org/Advisories/SQUID-2015_2.txt ruby{18,193,200,21,22}-redmine<3.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-redmine<3.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-rack<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 ruby{18,193,200,21,22}-rack>=1.6<1.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 nbpatch<20151107 arbitrary-code-execution https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt openafs<1.6.13 remote-code-execution http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt openafs<1.6.13 authentication-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt ghostscript-gpl<9.06nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 ghostscript-agpl<9.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 php{54,55,56}-ja-wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 openssh<6.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352 wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 php{54,55,56}-ja-wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 suse_openldap<13.1nb1 denial-of-service https://www.suse.com/security/cve/CVE-2015-1546.html firefox<40.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 firefox38<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 adobe-flash-plugin<11.2.202.508 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-19.html libxml2<2.9.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819 gnutls<2.9.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8155 vlc<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9743 openssh<7.0 privilege-escalation http://seclists.org/fulldisclosure/2015/Aug/54 ap24-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3184-advisory.txt ap{22,24}-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3187-advisory.txt gdk-pixbuf2<2.30.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 rt4<4.2.12 multiple-vulnerabilities https://bestpractical.com/release-notes/rt/4.2.12 xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools42<4.2.5nb12 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools45<4.5.1nb5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools42<4.2.5nb12 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html xentools45<4.5.1nb5 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html ansible<1.9.2 ssl-cert-spoofing http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3908 jabberd>=2<999 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2058 clutter<1.16.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3213 libidn<1.31 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059 firefox<38.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/ firefox38<38.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 py{27,33,34}-django>=1.8<1.8.4 denial-of-service https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ vlc<2.2.2 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2015-009.html gnutls<3.3.17 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 thunderbird<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.2 xfsprogs<3.2.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2150 mantis<1.2.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8987 drupal>=6<6.37 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 drupal>=7<7.39 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 wireshark<1.12.7 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html qemu<2.4.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037 firefox<40.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 firefox38<38.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2.1 bind>=9.0.0<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.9.7<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 bind>=9.10.0<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.10.2<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 qemu<2.3.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214 screen<4.3.1 stack-overflow https://savannah.gnu.org/bugs/?45713 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6818 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6826 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6819 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6825 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6824 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6823 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6821 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6822 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6820 xentools44-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-141.html xentools45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-141.html openslp<1.2.1nb8 denial-of-service https://security-tracker.debian.org/tracker/CVE-2015-5177 rt4<4.2.12 code-injection http://blog.bestpractical.com/2015/08/rt-4212-released.html libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 openldap-server<2.4.43 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6908 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1570 magento<1.9.2.1 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2015-6497 powerdns>=3.4.0<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5230 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.23.0<1.23.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.24.0<1.24.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.25.0<1.25.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 gnutls<3.3.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3308 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.23.0<1.23.10 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.24.0<1.24.3 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.25.0<1.25.2 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 rt4<4.2.12 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6506 jenkins-[0-9]* cross-site-request-forgeries http://seclists.org/bugtraq/2015/Aug/161 qemu<2.4.0 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html qemu<2.4.0 buffer-overflow http://seclists.org/oss-sec/2015/q3/302 qemu<2.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154 firefox31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid<3.5.9 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2015_3.txt qemu<2.4.0.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-5225 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278 qemu<2.4.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5279 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-6815 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 bugzilla<5.0.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4499 phpmyadmin<4.3.13.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830 icu<55.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270 adobe-flash-plugin<11.2.202.521 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575 vorbis-tools<1.4.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6749 firefox<41 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 firefox38<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.3 h2o<1.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5638 owncloudclient<1.8.2 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-009 freetype2<2.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9745 typo3<6.2.15 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5956 suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1781 remind<3.1.15 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5957 freeimage<3.17.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0852 ipython>=3.0<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7337 php>=5.4<5.4.45 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.45 php>=5.5<5.5.29 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.29 php>=5.6<5.6.13 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.13 dojo<1.2 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000153.html icu<53.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 php{54,55,56}-matcha-sns<1.3.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644 php{54,55,56}-matcha-sns<1.3.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645 p5-Email-Address<1.912 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7686 freetype2<2.5.3 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5640 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5641 opensmtpd<5.7.3 multiple-vulnerabilities https://www.opensmtpd.org/announces/release-5.7.3.txt adobe-flash-plugin<11.2.202.535 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-25.html adobe-flash-plugin<11.2.202.540 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsa15-05.html firefox<41.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ postgresql90-server<9.0.23 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql90-pgcrypto<9.0.23 information-leak http://www.postgresql.org/about/news/1615/ postgresql91-pgcrypto<9.1.19 information-leak http://www.postgresql.org/about/news/1615/ postgresql92-pgcrypto<9.2.14 information-leak http://www.postgresql.org/about/news/1615/ postgresql93-pgcrypto<9.3.10 information-leak http://www.postgresql.org/about/news/1615/ postgresql94-pgcrypto<9.4.5 information-leak http://www.postgresql.org/about/news/1615/ postgresql84-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql90-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-017 php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-018 mysql-client>=5.5<5.5.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL mysql-server>=5.6<5.6.26 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL openjdk8<1.8.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA oracle-{jdk,jre}8<8.0.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA openjdk7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk7,jre7}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ntp<4.2.8p4 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner wordpress<4.3.1 security-bypass https://wordpress.org/news/2015/09/wordpress-4-3-1/ openafs<1.6.15 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt openafs>=1.7<1.7.33 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt asterisk>=1.8<10 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages policykit<0.113 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4625 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218 policykit<0.113 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3256 php>=5.5<5.5.30 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.30 gdk-pixbuf2<2.32.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7674 phpmyadmin>=4.3<4.3.13.2 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.14.1 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.15.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 phpmyadmin>=4.5<4.5.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 xenkernel41<4.1.6.1nb17 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel42<4.2.5nb9 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel45<4.5.1nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html owncloudclient<2.0.1 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-016 gdk-pixbuf2<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-jasper<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-xlib<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 php{54,55,56}-ja-wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a php{54,55,56}-ja-wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a jasper<1.900.1nb12 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 jasper<1.900.1nb12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517 jasper<1.900.1nb9 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137 jasper<1.900.1nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029 xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html mariadb55-server<5.5.46 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/ mariadb55-server<5.5.45 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5545-release-notes/ unzip<6.0nb5 remote-code-execution http://www.cvedetails.com/cve/CVE-2015-7696/ unzip<6.0nb5 denial-of-service http://www.cvedetails.com/cve/CVE-2015-7697/ postgresql90-server<9.0.23 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 buffer-overflow http://www.postgresql.org/about/news/1615/ xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-153.html p5-HTML-Scrubber<0.15 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000171.html mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697 firefox38<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.4 firefox<42.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox42 nss<3.20.1 multiple-vulnerabilities https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes mediawiki>=1.25.0<1.25.3 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.24.0<1.24.4 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.23.0<1.23.11 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html adobe-flash-plugin<11.2.202.548 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-28.html roundcube<1.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8105 libreoffice>=5.0<5.0.1 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4-bin>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice>=5.0<5.0.0 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ mbedtls<1.3.14 heap-overflow https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 p5-HTML-Scrubber<0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5667 elasticsearch<1.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4165 elasticsearch<1.6.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5377 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295 squid<3.5.2 unauthorized-access http://bugs.squid-cache.org/show_bug.cgi?id=4066 xscreensaver<5.34 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025 png>=1.0<1.0.64 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.1<1.2.54 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.3<1.4.17 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.5<1.5.24 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.6<1.6.19 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698 wireshark<1.12.8 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-30.html openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 pcre<8.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 pcre<8.38 uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 pcre<8.38 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre2<10.20 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 pcre<8.38 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8218 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8216 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8217 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8219 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364 magento-[0-9]* cross-site-request-forgeries http://www.vulnerability-lab.com/get_content.php?id=1643 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1636 proftpd<1.3.5b heap-overflow http://seclists.org/bugtraq/2015/Nov/109 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 libxml2<2.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 suse{,32}_base-[0-9]* uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 suse{,32}_base-[0-9]* integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 suse{,32}_base-[0-9]* sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 libsndfile<1.0.25 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 libsndfile<1.0.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 suse{,32}_libsndfile<13.1nb2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 suse{,32}_libsndfile<13.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 libxslt<1.1.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995 openssl>=1.0.2<1.0.2e multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8077 cyrus-imapd>=2.3<2.3.19 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.4<2.4.18 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.5<2.5.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8078 gcc48{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc49{,-libs}<4.9.4 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc50{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 redis<3.0.6 integer-overflow https://security-tracker.debian.org/tracker/CVE-2015-8080 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 jenkins<1.625.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 putty>=0.54<0.66 integer-overflow http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html nautilus-[0-9]* denial-of-service http://seclists.org/bugtraq/2015/Dec/11 gdm<3.18.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7496 nss<3.20.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-145.html powerdns>=3.4.4<3.4.7 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ sudo<1.8.15 symlink-attack http://www.sudo.ws/stable.html#1.8.15 salt<2015.8.3 multiple-vulnerabilities https://docs.saltstack.com/en/develop/topics/releases/2015.8.3.html thunderbird<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.3 thunderbird<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.4 seamonkey<2.39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.39 openldap<2.4.44nb2 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3276 py{27,33,34}-django>=1.8<1.8.7 information-leak https://www.djangoproject.com/weblog/2015/nov/24/security-releases/ adobe-flash-plugin<11.2.202.554 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-32.html cups-filters<1.2.0 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 cups-filters<1.4.0 input-validation https://www.debian.org/security/2015/dsa-3419 png>=1.6<1.6.20 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472 ap{22,24}-subversion<1.9.3 information-disclosure http://subversion.apache.org/security/CVE-2015-5343-advisory.txt cacti<0.8.8g sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377 cups-filters<1.5.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 go<1.5.2nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 grub2<2.0.3 authentication-bypass http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html xenkernel3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-162.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-164.html xenkernel45<4.5.1nb2 information-disclosure http://xenbits.xen.org/xsa/advisory-165.html xenkernel45<4.5.1nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-166.html firefox<43.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43 firefox38<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.5 bind>=9.9.0<9.9.8pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ bind>=9.10.0<9.10.3pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ giflib-util<5.1.2 heap-overflow https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7555 tiff<4.0.8nb1 arbitrary-memory-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7554 suse{,32}_libtiff-[0-9]* arbitrary-memory-access http://www.securityfocus.com/archive/1/537205 tiff<4.0.7 heap-overflow http://www.securityfocus.com/archive/1/537208 suse{,32}_libtiff-[0-9]* heap-overflow http://www.securityfocus.com/archive/1/537208 phpmyadmin>=4.0.0.0<4.0.10.12 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.4.0.0<4.4.15.2 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.5.0.0<4.5.3.1 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ bugzilla>=2.6<4.2.16 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.3.1<4.4.11 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.5.1<5.0.2 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=2.17.1<4.216 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.3.1<4.4.11 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.5.1<5.0.2 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8662 ffmpeg2<2.8.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8661 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8663 libxml2<2.9.3 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 suse{,32}_libxml2-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 thunderbird<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5 py{27,33,34,35}-trytond>=3.2<3.8.1 unauthorized-access https://security-tracker.debian.org/tracker/CVE-2015-0861 adobe-flash-plugin<11.2.202.559 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-01.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit-gtk{,3}<2.10.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html netsurf<3.4 multiple-vulnerabilities https://marc.info/?l=oss-security&m=145028560403474&w=2 dpkg<1.16.17 off-by-one http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860 samba>=4.0.0<4.1.22 memory-corruption https://www.samba.org/samba/security/CVE-2015-7540.html samba>=4.0.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-8467.html samba>=4.0.0<4.3.2 out-of-bounds-write https://www.samba.org/samba/security/CVE-2015-5330.html samba>=3.2.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-5299.html samba>=3.2.0<4.3.2 man-in-the-middle https://www.samba.org/samba/security/CVE-2015-5296.html samba>=3.0.0<4.3.2 symlink-attack https://www.samba.org/samba/security/CVE-2015-5252.html samba>=4.0.0<4.3.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-3223.html nodejs>=0.12<0.12.9 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=4<4.2.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=5<5.1.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ pcre<8.38nb1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 bugzilla>=5.0<5.0.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 wireshark<1.12.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html git-base<2.6.1 arbitrary-code-execution http://www.openwall.com/lists/oss-security/2015/10/06/1 php{54,55,56}-owncloud>8.2.0<8.2.2 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 subversion>1.9<1.9.3 heap-overflow http://subversion.apache.org/security/CVE-2015-5259-advisory.txt qemu<2.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7512 nss<3.20.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ gummi<0.6.6 symlink-attack http://www.openwall.com/lists/oss-security/2015/10/08/5 typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-015/ py{35,34,33,27}-pygments<2.0.2nb1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8557 foomatic-filters>4 input-validation https://www.debian.org/security/2015/dsa-3419 foomatic-filters>4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1897 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1898 gnutls<3.3.15 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 gnutls>=3.4<3.4.1 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 prosody<0.9.9 multiple-vulnerabilities http://blog.prosody.im/prosody-0-9-9-security-release/ p5-PathTools<3.62 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 php{54,55,56}-owncloud<8.0.9 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud>8.1.0<8.1.4 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud<7.0.12 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.0.0<8.0.10 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.1.0<8.1.5 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<8.1.0 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<7.0.12 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 php{54,55,56}-owncloud>8.0.0<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1779 nghttp2<1.6.0 unknown-impact https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8659 py{27,33,34,35}-rsa<3.3 signature-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1494 openssh<7.1.1nb2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777 openssh<7.1.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778 openssh<7.1.1nb3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907 isc-dhclient<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcp<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcpd<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcrelay<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 roundcube<1.1.4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8770 roundcube<1.1.2 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8793 roundcube<1.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8794 gajim<0.16.5 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 h2o<1.6.2 http-response-splitting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1133 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01336 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01336 php>=5.5<5.5.28 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.28 php>=5.6<5.6.12 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.12 php>=5.5<5.5.27 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.27 php>=5.6<5.6.11 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.11 php>=7.0<7.0.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.1 php>=5.5<5.5.31 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.31 php>=5.6<5.6.17 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.17 php>=7.0<7.0.2 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.2 oracle-{jdk,jre}8<8.0.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA openjdk8<1.8.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA mysql-server>=5.5<5.5.47 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.6<5.6.28 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.7<5.7.10 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1899 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1900 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1901 jasper<1.900.2 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867 suse{,32}_base<13.1nb11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777 suse{,32}_base-[0-9]* stack-overflow https://sourceware.org/bugzilla/show_bug.cgi?id=17905 prosody<0.9.10 spoofing-attack https://prosody.im/security/advisory_20160127/ xenkernel45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-167.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-168.html claws-mail<3.13.1 arbitrary-code-execution https://security-tracker.debian.org/tracker/CVE-2015-8614 php55-fpm<5.5.31 buffer-overflow https://bugs.php.net/bug.php?id=70755 php55-fpm<5.6.17 buffer-overflow https://bugs.php.net/bug.php?id=70755 php70-fpm<7.0.2 buffer-overflow https://bugs.php.net/bug.php?id=70755 ruby{18,193,200,21,22}-activesupport>=3.0<4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport<4.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-actionpack<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-activesupport<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 denial-of-service https://marc.info/?l=oss-security&m=145375035828624&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 directory-traversal https://marc.info/?l=oss-security&m=145375068928706&w=2 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1982 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1983 mariadb-client<5.5.47 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047 magento-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1203 magento<2.0.1 man-in-the-middle https://cxsecurity.com/issue/WLB-2016010129 ntp<4.2.8p6 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit chrony<1.31.2 validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1567 openssl>=1.0.1<1.0.1r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt openssl>=1.0.2<1.0.2f multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt go<1.5.3 weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 libebml<1.3.3 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8789 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8790 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8791 curl<7.47.0 ntlm-authentication-hijack http://curl.haxx.se/docs/adv_20160127A.html curl<7.47.0 directory-traversal http://curl.haxx.se/docs/adv_20160127B.html firefox<44.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox44 firefox38<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6 Radicale<1.1 multiple-vulnerabilities http://radicale.org/news/#2015-12-31@11:54:03 asterisk>=11.0<11.21.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=13.0<13.7.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit-gtk{,3}<2.10.7 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1923 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1924 ffmpeg2<2.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 mit-krb5<1.14.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631 salt<2015.8.4 remote-code-execution https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html firefox<44.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/ firefox38<38.6.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ xymon<4.3.25 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2054 xymon<4.3.25 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2055 xymon<4.3.25 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2056 xymon<4.3.25 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2057 xymon<4.3.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2058 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2328 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2329 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2330 adobe-flash-plugin<11.2.202.569 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-04.html nodejs>=0.12<0.12.10 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=4<4.3.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=5<5.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 postgresql91-server<9.1.20 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql92-server<9.2.15 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql93-server<9.3.11 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql94-server<9.4.6 buffer-overflow http://www.postgresql.org/about/news/1644/ nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 libgcrypt<1.6.5 side-channel https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7576 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7578 ruby{18,193,200,21,22}-activerecord32<3.2.22.1 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 libssh2<1.7.0 weak-cryptography https://www.libssh2.org/adv_20160223.html suse{,32}_base<13.1nb11 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3481 gtk2+<2.24.29nb1 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 gtk3+<3.9.8 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 apache-tomcat>=6.0<6.0.45 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.65 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=8.0<8.0.27 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=7.0<7.0.66 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=8.0<8.0.30 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=6.0<6.0.45 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.67 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=8.0<8.0.30 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.68 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=8.0<8.0.31 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=6.0<6.0.45 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 xerces-c<3.1.3 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0729 gajim<0.16.5 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 thunderbird<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6 websvn-[0-9]* cross-site-scripting https://marc.info/?l=full-disclosure&m=145614987429774&w=2 magento<1.9.2.3 weak-authentication https://magento.com/security/patches/supee-7405 phpmyadmin>=4.0.0.0<4.0.10.13 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.4.0.0<4.4.15.3 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.5.0.0<4.5.4 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803 moodle>=3.0<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0725 moodle>=3.0<3.0.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0724 gcpio<2.13 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2037 phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-9/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-2/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-1/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-3/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-6/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-7/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-8/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-5/ php{55,56,70}-basercms<3.0.9 code-injection http://basercms.net/security/JVN69854312 php{55,56,70}-owncloud>8.2<8.2.2 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt libreoffice<5.0.4 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice<5.0.5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 squid>=3.5<3.5.15 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_2.txt wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-09.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-07.html wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-06.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-05.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-03.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-02.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-08.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-04.html firefox<43.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ graphite2<1.3.5 arbitrary-code-execution http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html ruby{18,193,200,21,22}-actionpack-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7581 ruby{18,193,200,21,22}-actionpack-[0-9]* code-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7579 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7580 drupal-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby192-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby193-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby200-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postfix<3.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde<5.2.9 cross-site-scripting http://lists.horde.org/archives/announce/2016/001140.html py{34,33,27,26}-Pillow<3.1.1 multiple-vulnerabilities https://pillow.readthedocs.org/en/3.1.x/releasenotes/3.1.1.html drupal<7.43 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-001 openssl>=1.0.2<1.0.2g multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-10/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-11/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-12/ phpmyadmin>=4.5.0.0<4.5.5.1 man-in-the-middle https://www.phpmyadmin.net/security/PMASA-2016-13/ roundup<1.5.1 sensitive-information-disclosure https://pypi.python.org/pypi/roundup/1.5.1 libotr<4.1.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2851 firefox<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45 firefox38<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.7 xfce4-thunar<1.6.10nb2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089 php>=5.5<5.5.33 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.33 php>=5.6<5.6.19 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.19 php>=7.0<7.0.4 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.4 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01351/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 isc-dhcpd<4.3.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 nss<3.21.1 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1950 adobe-flash-plugin<11.2.202.577 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-08.html samba>=3<3.9999 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0771 openssh<7.2.2 command-injection http://www.openssh.com/txt/x11fwd.adv ruby{18,193,200,21,22}-actionpack<3.2.22.2 information-leak https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ ruby{18,193,200,21,22}-actionpack<3.2.22.2 remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ ruby{18,193,200,21,22}-redmine-[0-9]* remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ apollo-[0-9]* clickjacking http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt apollo-[0-9]* cross-site-scripting http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt thunderbird<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7 quagga<1.0.20160309 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2342 graphite2<1.3.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/ git-base<2.7.3nb1 multiple-vulnerabilities http://seclists.org/oss-sec/2016/q1/645 pcre<8.38nb2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 pcre2<10.22 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit-gtk{,3}<2.10.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html apollo-[0-9]* arbitrary-code-execution http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt xenkernel45<4.5.1nb2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-159.html xenkernel45<4.5.1nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-160.html xenkernel45<4.5.1nb2 remote-code-execution http://xenbits.xen.org/xsa/advisory-155.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-154.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-170.html oracle-{jdk,jre}8<8.0.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html openjdk8<1.8.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html pixman<0.32.6 integer-overflow https://www.debian.org/security/2016/dsa-3525 dropbear<2016.72 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 libmatroska<1.4.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8792 pidgin-otr<4.0.2 denial-of-service https://www.debian.org/security/2016/dsa-3528 ruby{18,193,200,21,22}-redmine<3.2.0 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3529 inspircd<2.0.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8702 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit-gtk{,3}<2.10.5 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html imlib2<1.4.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3537 imebml<1.3.3 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3538 go>=1.6<1.6nb1 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 putty<0.67 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2563 adobe-flash-plugin<11.2.202.616 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-10.html websvn<2.3.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2511 erlang<18.0 man-in-the-middle http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2774 optipng<0.7.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 lhasa<0.3.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2347 py{27,34,35,36}-mercurial<3.7.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3630 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3068 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3069 srtp<1.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360 exim<4.86.2 privilege-escalation http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1531 py{27,33,34}-django>=1.9<1.9.3 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513 go>=1.5<1.5.4 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 proftpd<1.3.5b unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3125 jenkins<1.642.2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.650 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.642.2 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.650 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.642.2 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 jenkins<1.650 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 perl<5.22.1nb1 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381 bozohttpd<20160415 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8212 cacti<0.8.8g sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8604 nodejs>=0.10.0<0.10.42 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ postgresql95-server<9.5.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1656/ py{27,33,34,35}-django<1.8.10 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 py{27,33,34,35}-django>=1.9<1.9.3 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 cacti-[0-9]* remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3659 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 libvirt-[0-9]* arbitrary-file-access http://security.libvirt.org/2015/0004.html claws-mail<3.13.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8708 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba<4.2.11 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.3<4.3.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.4<4.4.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba<4.2.11 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.3<4.3.8 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.4<4.4.2 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858 qemu<2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1714 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158 qemu<2.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1568 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172 cacti-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313 tiff<4.0.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 suse{,32}_libtiff-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 suse{,32}_libtiff-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 suse{,32}_libtiff-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 xenkernel45<4.5.3 information-leak http://xenbits.xen.org/xsa/advisory-172.html xenkernel45<4.5.3 address-width-overflow http://xenbits.xen.org/xsa/advisory-173.html libssh<0.73 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739 libssh2<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787 py{35,34,33,27}-Pillow<3.1.1 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3499 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3981 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3982 optipng<0.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7801 optipng<0.7.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802 libxml2<2.9.4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 suse{,32}_libxml2-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 py{35,34,33,27}-django-cms-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1821 asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-004.html asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-005.html libvirt>=1.2.14<1.2.20 denial-of-service http://security.libvirt.org/2015/0004.html openssh<7.2.2nb1 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8325 thunderbird>=39<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45 dhcpcd<6.10.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1503 dhcpcd<6.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1504 latex2rtf<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8106 gdk-pixbuf2<2.33 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7552 vlc<2.2.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941 xdelta3<3.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html ffmpeg1-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 ffmepg010-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 squid>=3.5<3.5.14 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2016_1.txt squid>=3.5<3.5.17 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2016_5.txt squid>=3.5<3.5.17 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_6.txt gd<2.1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 hexchat<2.10.2 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7449 mysql-client>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-client>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL oracle-{jdk,jre}8<8.0.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA cairo<1.14.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190 giflib-util<5.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3977 varnish<3.0.7 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852 imlib2<1.4.9 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3555 firefox<46.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46 firefox38<38.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.8 qemu<2.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4002 wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-19.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-20.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-21.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html samba>=4.4<4.4.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-5370.html php>=5.6<5.6.20 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.20 php>=7.0<7.0.6 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.6 ImageMagick<6.9.3.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/02/22/4 poppler<0.40.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8868 subversion>1.9<1.9.4 authentication-bypass http://subversion.apache.org/security/CVE-2016-2167-advisory.txt subversion>1.9<1.9.4 denial-of-service http://subversion.apache.org/security/CVE-2016-2168-advisory.txt php>=5.6<5.6.21 denial-of-service https://secure.php.net/ChangeLog-5.php#5.6.21 ntp<4.2.8p7 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-12.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-13.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-14.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-15.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-16.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-17.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-18.html jq<1.5nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8863 jq<1.5nb4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4074 ImageMagick<6.9.3.10 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3714 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3715 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3716 ImageMagick<6.9.3.10 information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3717 ImageMagick<6.9.3.10 request-forgery http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3718 libtasn1<4.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4008 openssl>=1.0.2<1.0.2h multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt libarchive<3.2.0 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1541 lcms2<2.6 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7455 py{27,34,35,36}-mercurial<3.8.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3105 openafs<1.6.17 remote-security-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt openafs<1.6.17 remote-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt openafs<1.6.16 denial-of-service https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712 xentools45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-179.html wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4476 wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4477 adobe-flash-plugin<11.2.202.621 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-02.html squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_7.txt squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_8.txt squid<3.5.18 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_9.txt ikiwiki<3.20160506 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4561 botan<1.10.13 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.11.0<1.11.27 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.8.3<1.10.8 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.9 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.27 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2196 botan>=1.11.0<1.11.29 ssl-downgrade http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2850 botan>=1.7.15<1.10.13 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 botan>=1.11.0<1.11.29 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 jenkins<1.651.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2016-05-11/ jansson<2.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-4425 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838 libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3705 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html expat<2.1.1nb1 arbitrary-code-execution https://www.debian.org/security/2016/dsa-3582 bugzilla>=4.4<4.4.12 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 bugzilla>=5.0<5.0.3 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 xerces-c<3.1.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099 nss<3.21.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979 php>=5.5<5.5.34 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.34 qemu<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4439 qemu<2.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4441 librsvg<2.40.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7558 librsvg<2.40.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7557 librsvg<2.40.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4348 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330173 moodle>=3.0<3.0.3 referer-leak https://moodle.org/mod/forum/discuss.php?d=330181 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330182 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330180 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330178 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330176 moodle>=3.0<3.0.3 cross-site-request-forgeries https://moodle.org/mod/forum/discuss.php?d=330179 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330174 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330175 wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html php>=5.5<5.5.35 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.35 wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 php{55,56,70}-ja-wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 php{55,56,70}-ja-wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 xenkernel45<4.5.3nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-176.html wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1762 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1833 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1834 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1835 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1836 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1837 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1838 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1839 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1840 libxml2<2.9.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4483 websvn-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1236 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8558 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4037 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4001 qemu<2.6.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4020 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit-gtk<2.12.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html quagga-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049 libvirt<1.3.3 denial-of-service http://www.openwall.com/lists/oss-security/2016/05/24/5 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html jetty>=9.3.0<9.3.9 information-disclosure http://www.ocert.org/advisories/ocert-2016-001.html pgpdump<0.30 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4021 typo<6.2.20 security-bypass http://seclists.org/bugtraq/2016/May/94 perl<5.22.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8853 gd<2.1.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2013-7456 libxml2<2.9.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 libxml2<2.9.4 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 libxml2<2.9.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4562 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4563 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4564 ImageMagick<7.0.1.8 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 GraphicsMagick<1.3.24 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 gdk-pixbuf2<2.33.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875 ansible<1.9.6 insecure-temp-files http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3096 nginx<1.8.1nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 nginx>=1.9<1.9.10nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 xentools45<4.5.3nb3 privilege-escalation http://xenbits.xen.org/xsa/advisory-178.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-179.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-181.html firefox<47.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47 firefox45<45.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.2 libksba<1.3.4 multiple-vulnerabilities http://www.ubuntu.com/usn/USN-2982-1/ ruby{18,21,22,23}-puppet>4.0<4.4.2 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2785 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4453 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4454 qemu<2.6.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5126 qemu<2.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5337 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5238 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 atheme<7.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4478 atheme<7.2.7 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9773 ntp<4.2.8p8 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi freetype2<2.5.4 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 ansible>=1.9<1.9.6.1 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 ansible>=2.0<2.0.2.0 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 vlc<2.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108 clamav<0.99.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html libxslt<1.1.29 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683 libxslt<1.1.29 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684 ocaml<4.03.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869 thunderbird>=45<45.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.1 thunderbird38<38.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.8 adobe-flash-plugin<11.2.202.621 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-15.html adobe-flash-plugin<11.2.202.621 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-03.html drupal>=7<7.44 privilege-escalation https://www.drupal.org/SA-CORE-2016-002 php>=5.6<5.6.22 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.22 php>=5.5<5.5.36 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.36 php>=5.6<5.6.23 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.23 php>=5.5<5.5.37 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.37 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2392 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2538 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2841 h2o<1.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4817 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6702 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177 openssl>=1.0.2<1.0.2i side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2178 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2391 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5300 mDNSResponder<625.41.2 denial-of-service https://www.kb.cert.org/vuls/id/143335 openssl>=1.0.1<1.0.1s multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 openssl<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 php{55,56,70}-contao41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 php{55,56,70}-ja-wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 php{55,56,70}-ja-wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 php{55,56,70}-ja-wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 xerces-c<3.1.4 denial-of-service http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt apache-tomcat>=7.0<7.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 apache-tomcat>=8.0<8.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 libreoffice<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ dnsmasq<2.76 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899 haproxy<1.6.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5360 bzip2<1.0.7 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189 wget<1.18 arbitrary-file-overwrite http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4971 expat<2.2.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 suse{,32}_expat-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 sqlite3<3.13.0 data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt suse{,32}_sqlite3-[0-9]* data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt nodejs>=0.10<0.10.44 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=0.12<0.12.13 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=4<4.4.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=5<5.10.0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 phpmyadmin>=4.6<4.6.3 parameter-injection https://www.phpmyadmin.net/security/PMASA-2016-18/ phpmyadmin>=4.0<4.0.10.16 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.4<4.4.15.7 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.6<4.6.3 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.0<4.0.10.16 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.4<4.4.15.7 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-20/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-25/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.0<4.0.10.16 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.4<4.4.15.7 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.6<4.6.3 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.0<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=4.6<4.6.3 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=5.0.10<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4.15<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.4<4.4.15.6 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin>=4.6<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-14/ contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao41-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao42<4.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 libbpg>=0.9.5 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5637 adobe-flash-plugin<11.2.202.632 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-25.html go>=1.6<1.6.3 input-validation https://golang.org/issue/16405 thunderbird>=45<45.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2 bind>=9.0.0<9.9.9pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.10.0<9.10.4pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.0.0<9.9.9pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 bind>=9.10.0<9.10.4pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 apache-tomcat-5.5.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-6.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-7.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat<8.0.37 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 gimp<2.8.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994 apache<2.2.31nb4 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4<2.4.23nb2 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4.18<2.4.23 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979 libvirt<2.0.0 authentication-bypass http://security.libvirt.org/2016/0001.html apache>=2.4.17<2.4.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546 samba>=4.0<4.2.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.3<4.3.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.4<4.4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 kinit<5.23 information-disclosure https://www.kde.org/info/security/advisory-20160621-1.txt GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8808 GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589 wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-31.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-37.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-38.html py{27,33,34,35}-django>=1.9<1.9.8 cross-site-scripting https://www.djangoproject.com/weblog/2016/jul/18/security-releases/ harfbuzz<1.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8947 php>=5.5<5.6 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=5.6<5.6.24 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=7<7.0.9 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 mysql>=5.5<5.5.50 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL mysql>=5.6<5.6.31 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL bsdiff<4.3nb1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862 php>=5.5<5.5.38 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=5.6<5.6.24 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=7<7.0.9 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 oracle-{jdk,jre}8<8.0.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openjdk8<1.8.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openssh<7.3 valid-account-enumeration http://seclists.org/fulldisclosure/2016/Jul/51 wireshark<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mariadb-server<5.5.50 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6293 p5-DBD-mysql<4.031 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906 gd<2.2.3 multiple-vulnerabilities https://github.com/libgd/libgd/releases/tag/gd-2.2.3 collectd<5.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6254 mit-krb5<1.14.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120 perl<5.22.3 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl>5.24.0<5.24.1 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl<5.22.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 perl>5.24.0<5.24.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 p5-XSLoader-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2180 karchive<5.24 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6232 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xentools46<4.6.3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xenkernel45<4.5.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html xenkernel46<4.6.4 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html redis<3.2.3 insecure-file-permissions https://www.suse.com/security/cve/CVE-2013-7458.html qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 qemu0-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 xentools45<4.5.3nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xentools46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xenkernel45<4.5.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html xenkernel46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html curl>=7.32.0<7.50.1 use-after-free https://curl.haxx.se/docs/adv_20160803C.html suse{,32}_libcurl-[0-9]* use-after-free https://curl.haxx.se/docs/adv_20160803C.html php{55,56,70,71}-ja-wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 php70-gd>=7.0<7.0.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php70-mbstring>=7.0<7.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php56-mbstring>=5.6<5.6.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-mbstring>=5.5<5.5.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-intl>=5.5<5.5.36 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php56-intl>=5.6<5.6.22 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php70-intl>=7.0<7.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php{55,56,70,71}-ja-wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 php{55,56,70,71}-ja-wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 openssh<7.3.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515 openssh<7.3.1 multiple-vulnerabilities http://www.openssh.com/txt/release-7.3 wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-45.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-44.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-48.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-49.html wireshark>=2.0<2.0.5 stack-overflow https://www.wireshark.org/security/wnpa-sec-2016-46.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-47.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-42.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-41.html nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 suse{,32}_mozilla-nspr-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 firefox<48.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48 firefox45<45.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.3 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2016-1513.html stunnel<5.34 unspecified https://www.stunnel.org/sdf_ChangeLog.html stunnel<5.35 unspecified https://www.stunnel.org/sdf_ChangeLog.html fontconfig<2.12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 suse{,32}_fontconfig-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 postgresql91-server<9.1.23 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql92-server<9.2.18 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql93-server<9.3.14 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql94-server<9.4.9 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql95-server<9.5.4 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql91-client<9.1.23 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql92-client<9.2.18 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql93-client<9.3.14 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql94-client<9.4.9 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql95-client<9.5.4 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 gd<2.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6161 libgcrypt<1.7.3 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html gnupg<1.4.21 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html p5-DBD-mysql<4.033 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8949 lighttpd<1.4.41 access-bypass http://www.lighttpd.net/2016/7/31/1.4.41/ php{55,56,70,71}-roundcube<1.1.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4069 binutils<2.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3509 ruby{18,193,200}-bundler<1.7.3 restriction-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0334 lighttpd<1.4.36 inject-log-entries https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200 libarchive<3.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211 libarchive<3.2.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304 eog>=3<3.20.4 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6855 ruby{18,21,22,23}-jquery-rails<3.0.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6662 python27<2.7.12 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python34<3.4.5 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python35<3.5.2 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python27<2.7.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python34<3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python35<3.5.2 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python27<2.7.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 python34<3.4.4 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 mailman<2.1.23 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6893 mailman<2.1.15 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7123 openoffice3{,-bin}-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3575 subversion-base<1.7.17 spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 subversion-base>=1.4.0<1.7.18 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522 libvncserver-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6054 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit-gtk<2.12.4 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4952 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5106 qemu<2.6.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5105 qemu<2.6.1 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5107 libVNCServer<0.9.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055 xenkernel45<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel45>=4.5.3<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html xenkernel46<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel46>=4.6.3<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel46<4.6.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html libidn<1.33 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263 py{27,34,35}-trytond>=3.8<3.8.8 multiple-vulnerabilities http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html libcrack<2.7nb2 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 qemu<2.7.0 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6351 asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-006.html asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html asterisk>=11.0<11.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-50.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-51.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-52.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-53.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-54.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-55.html php70-curl<7.0.10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134 php>=7.0<7.0.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php70-exif<7.0.10 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php56-exif<5.6.25 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php70-wddx<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php56-wddx<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php>=7.0<7.0.10 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php<5.6.25 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php>=7.0<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 php<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 adobe-flash-plugin<11.2.202.635 restriction-bypass https://helpx.adobe.com/security/products/flash-player/apsb16-29.html mysql-server>5.5<5.5.52 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html mysql-server>5.6<5.6.33 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html mysql-server>5.7<5.7.15 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html mariadb-server<5.5.51 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6662 curl<7.50.3 heap-overflow https://curl.haxx.se/docs/adv_20160914.html cryptopp-[0-9]* sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7420 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2179 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2181 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2182 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6302 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6303 php{54,55,56}-owncloud>9.0.0<9.0.4 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-011 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411 php56-mysql<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-mysqli<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php56-intl<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 php70-mysql<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-mysqli<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php70-intl<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 irssi>=0.8.17<0.8.20 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2016.txt openjpeg<2.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7163 flex<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6354 zookeeper<3.4.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5017 mupdf<1.9anb2 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6265 mupdf<1.9anb3 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6525 tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990 php{55,56,70,71}-owncloud<9.0.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7419 icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415 firefox<49.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox49 firefox45<45.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.4 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5426 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5427 powerdns<4.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6172 openssl>=1.0.1<1.0.1u multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0a multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0b use-after-free https://www.openssl.org/news/secadv/20160926.txt openssl>=1.0.2i<1.0.2j null-pointer-dereference https://www.openssl.org/news/secadv/20160926.txt bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01433/74/CVE-2016-2848 bind<9.10.4pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 py{27,34,35}-django<1.8.15 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ py{27,34,35}-django>=1.9<1.9.10 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ file-roller>=3.5.4<3.20.2 local-file-delete https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7162 gd<2.2.3nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php55-gd<5.5.38nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php56-gd<5.6.24nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php70-gd<7.0.9nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php71-gd<7.1.0beta1nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 p5-DBD-mysql<4.037 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 wget<1.18nb3 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7098 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909 qemu<2.7.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7161 inspircd<2.0.23 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7142 irssi<0.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 drupal>=8<8.1.10 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-004 clamav<0.99.2 multiple-vulnerabilities http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html libcares<1.12.0 arbitrary-code-execution https://c-ares.haxx.se/adv_20160929.html mongodb<3.4.0 sensitive-information-disclosure https://jira.mongodb.org/browse/SERVER-25335 gdk-pixbuf2<2.35.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352 adodb<5.20.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405 openjpeg<2.1.2 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7445 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4118 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4119 p5-DBD-mysql<4.037 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658 gd<2.2.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905 nss<3.23.0 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/ nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 nodejs>=6<6.7.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ nodejs>=4<4.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ adobe-flash-plugin<11.2.202.637 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-32.html qemu<2.7.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7423 xenkernel-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-190.html pidgin<2.11.0 multiple-vulnerabilities https://www.pidgin.im/news/security/ ap22-modsecurity<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages shotwell-[0-9]* man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000033 oracle-{jdk,jre}-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA py{27,34,35}-mysql-connector>2.1<2.1.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 py{27,34,35}-mysql-connector>2.0<2.0.5 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 mysql-client>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL openjpeg<2.1.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8332 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115 openjpeg<2.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116 openjpeg<2.2.0 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112 tiff<4.0.8 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8331 moodle-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7919 botan>1.11.29<1.11.32 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8871 tor<0.2.8.9 denial-of-service https://blog.torproject.org/blog/tor-0289-released-important-fixes quagga<1.0.20161017 buffer-overflow https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8333 argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8335 mupdf<1.10 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7506 mupdf<1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505 mupdf<1.10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7504 php>=5.6<5.6.27 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.27 php>=7.0<7.0.12 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.12 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8577 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578 qemu<2.8.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8668 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910 adobe-flash-plugin<11.2.202.643 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-37.html mupdf<1.10 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9136 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9186 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9187 moodle-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9188 py{27,34,35}-Pillow<3.3.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189 py{27,34,35}-Pillow<3.3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190 bind<9.9.9pl4 denial-of-service https://kb.isc.org/article/AA-01434 bind<9.10.4pl4 denial-of-service https://kb.isc.org/article/AA-01434 libxslt<1.1.29 out-of-bounds-read https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880 py{26,27}-moin<1.9.9 multiple-vulnerabilities https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html libX11<1.6.3 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXfixes<5.0.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXi<1.7.7 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrandr<1.5.1 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrender<0.9.10 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXtst<1.2.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXv<1.0.11 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXvmc<1.0.10 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html subversion-base>1.9<1.9.5 denial-of-service https://subversion.apache.org/security/CVE-2016-8734-advisory.txt p5-SOAP-Lite<1.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8978 hdf5<1.8.18 multiple-vulnerabilities http://blog.talosintel.com/2016/11/hdf5-vulns.html p7zip<16.02nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296 tiff<4.0.7 multiple-vulnerabilities http://www.securityfocus.com/bid/94484 drupal>=7<7.5.2 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 drupal>=8<8.2.3 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 libxml2<2.9.4nb1 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318 asterisk>=13.0<13.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-008.html asterisk>=14.0<14.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-009.html asterisk>=11.0<11.25.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=13.0<13.13.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=14.0<14.2.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html criticalmass<1.0.2nb8 ancient-curl-included http://mail-index.netbsd.org/pkgsrc-changes/2016/12/10/msg149940.html firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50 firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.1 firefox<50.0.2 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.2 firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5 firefox45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5.1 thunderbird>=45<45.5 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5 thunderbird>=45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5.1 wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-56.html wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-57.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-58.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-59.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-60.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-61.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-62.html gst-plugins1-good<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 gst-plugins0.10-good-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3724 p5-DBD-mysql<4.041 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1251 libdwarf-[0-9]* heap-buffer-overflow https://www.prevanders.net/dwarfbug.html#DW201611-006 php56-piwigo-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9751 libgsf<1.14.41 null-dereference https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5 apache>2.4.17<2.4.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8740 php{56,70,71}-roundcube<1.1.5 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920 py{27,34,35}-django<1.8.16 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.9<1.9.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.10<1.10.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9106 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9105 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9104 qemu<2.8.0rc0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9103 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9102 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9101 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7995 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7994 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7466 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7422 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7421 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7170 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7157 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7156 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7155 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7116 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6888 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6836 qemu<2.6.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6835 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6834 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6833 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6490 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4964 gtar-base<1.29 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321 phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-29/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-30/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-31/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-32/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-33/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-34/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-35/ phpmyadmin<4.6.4 symlink-attack https://www.phpmyadmin.net/security/PMASA-2016-36/ phpmyadmin<4.6.4 path-traversal https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-39/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-40/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-41/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-42/ phpmyadmin<4.6.4 validation-bypass https://www.phpmyadmin.net/security/PMASA-2016-43/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-45/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-46/ phpmyadmin<4.6.4 authentication-bypass https://www.phpmyadmin.net/security/PMASA-2016-47/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-48/ phpmyadmin<4.6.4 bypass-protection https://www.phpmyadmin.net/security/PMASA-2016-49/ phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-50/ phpmyadmin<4.6.4 reflected-file-download https://www.phpmyadmin.net/security/PMASA-2016-51/ phpmyadmin<4.6.4 security-bypass https://www.phpmyadmin.net/security/PMASA-2016-52/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-53/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-54/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-55/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-56/ phpmyadmin<4.6.5 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-59/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-60/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-63/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-64/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-65/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-66/ phpmyadmin<4.6.5 code-injection https://www.phpmyadmin.net/security/PMASA-2016-67/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-68/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-69/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-70/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-71/ seamonkey<2.40nb7 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ jasper<1.900.29nb1 buffer-overflow https://github.com/mdadams/jasper/issues/93 modular-xorg-server<1.16.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3418 libXv<1.0.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5407 libXtst<1.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7952 libXtst<1.2.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7951 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7950 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7949 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7948 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7947 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7946 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7945 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7943 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7942 libXvMC<1.0.10 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7953 libXfixes<5.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7944 ImageMagick<7.0.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6491 p7zip<16.0 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2334 adobe-flash-plugin<24.0.0.186 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-39.html pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre<8.38 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3217 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre2<10.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 py{27,34,35}-bottle<0.12.11 crlf-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9964 libupnp<1.6.21 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255 libupnp<1.6.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863 tigervnc-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8241 w3m<0.5.3.0.20161218 multiple-vulnerabilities https://github.com/tats/w3m/commit/b3805049f2add9226f6eac1b534626c4e5d9da52 rabbitmq<3.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8786 nagios-base<4.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565 nagios-base<4.2.4 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9566 firefox<50.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/ firefox45<45.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/ php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=5.6<5.6.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 php>=7.1<7.1.0 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 lynx<2.8.8.2nb5 information-leak http://seclists.org/oss-sec/2016/q4/322 php{56,70,71}-roundcube<1.2.0 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4552 py{27,34,35}-docx<0.8.6 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5851 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg3<3.1.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg1-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg3<3.1.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg1-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg2-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.1.4 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9561 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 ffmpeg3<3.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 openjpeg<1.5.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9675 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4658 kdesu<5.7.5 dialog-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7787 qemu<2.8.1 denial-of-service https