[oss-security] iTerm2 3.5.x title reporting bug
Started by David Leadbeater on 2024-06-15 08:51:21 |
0
|
2024-06-15 08:51:21 by David Leadbeater
|
[oss-security] Security vulnerability in fprintd
Started by Yaron Shahrabani on 2024-05-30 11:49:19 |
5
|
2024-06-14 19:17:05 by Mark Esler
|
[oss-security] CVE-2024-25142: Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
Started by Jarek Potiuk on 2024-06-13 15:10:58 |
0
|
2024-06-13 15:10:58 by Jarek Potiuk
|
[oss-security] Re: CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777
Started by Tavis Ormandy on 2024-06-12 23:08:00 |
1
|
2024-06-12 23:12:29 by Matthew Fernandez
|
[oss-security] CVE-2024-36265: Apache Submarine Server Core: authorization bypass
Started by Arnout Engelen on 2024-06-12 15:56:05 |
0
|
2024-06-12 15:56:05 by Arnout Engelen
|
[oss-security] CVE-2024-36264: Apache Submarine Commons Utils: default secret
Started by Arnout Engelen on 2024-06-12 15:53:43 |
0
|
2024-06-12 15:53:43 by Arnout Engelen
|
[oss-security] CVE-2024-36263: Apache Submarine Server Core: SQL injection
Started by Arnout Engelen on 2024-06-12 15:51:01 |
0
|
2024-06-12 15:51:01 by Arnout Engelen
|
[oss-security] CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777
Started by Zdenek Dohnal on 2024-06-11 14:11:10 |
0
|
2024-06-11 14:11:10 by Zdenek Dohnal
|
[oss-security] CVE-2024-36471: Apache Allura: sensitive information exposure via DNS rebinding
Started by David Philip Brondsema on 2024-06-10 16:20:14 |
0
|
2024-06-10 16:20:14 by David Philip Brondsema
|
Re: [oss-security] vte 0.76.3 released with fix for CVE-2024-37535
Started by Solar Designer on 2024-06-09 21:00:59 |
0
|
2024-06-09 21:00:59 by Solar Designer
|
[oss-security] CVE-2024-36104: Apache OFBiz: Path traversal leading to a RCE
Started by Jacques Le Roux on 2024-06-03 12:59:39 |
0
|
2024-06-03 12:59:39 by Jacques Le Roux
|
[oss-security] nginx HTTP/3 security issues/fixes
Started by Solar Designer on 2024-05-30 14:50:46 |
0
|
2024-05-30 14:50:46 by Solar Designer
|
[oss-security] List linux CVEs for a given stable release?
Started by Dominique Martinet on 2024-05-29 02:13:04 |
3
|
2024-05-30 11:47:11 by Greg Kroah-Hartman
|
[oss-security] OpenSSL Security Advisory
Started by Matt Caswell on 2024-05-28 15:29:09 |
0
|
2024-05-28 15:29:09 by Matt Caswell
|
[oss-security] HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX
Started by Marco Ivaldi on 2024-05-28 13:00:40 |
0
|
2024-05-28 13:00:40 by Marco Ivaldi
|
[oss-security] The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence
Started by Adhemerval Zanella Netto on 2024-04-17 17:43:59 |
8
|
2024-05-27 13:11:49 by Charles Fol
|
[oss-security] path traversal in tar extract in intel cve-bin-tool
Started by houjingyi on 2024-05-26 14:28:51 |
0
|
2024-05-26 14:28:51 by houjingyi
|
[oss-security] gnome-remote-desktop: D-Bus system service in GNOME release 46 local information leaks (CVE-2024-5148)
Started by Matthias Gerstner on 2024-05-24 09:40:29 |
0
|
2024-05-24 09:40:29 by Matthias Gerstner
|
[oss-security] WebKitGTK and WPE WebKit Security Advisory WSA-2024-0003
Started by Adrian Perez de Castro on 2024-05-21 14:00:30 |
0
|
2024-05-21 14:00:30 by Adrian Perez de Castro
|
Re: [oss-security] Article: State of Sandboxing in Linux
Started by Solar Designer on 2024-05-20 12:10:06 |
0
|
2024-05-20 12:10:06 by Solar Designer
|
[oss-security] Linux: Disabling network namespaces
Started by Solar Designer on 2024-04-14 19:13:09 |
20
|
2024-05-17 15:30:42 by Mickaël Salaün
|
[oss-security] CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package
Started by Andrea Intilangelo on 2024-05-16 19:56:53 |
0
|
2024-05-16 19:56:53 by Andrea Intilangelo
|
[oss-security] OpenSSL Security Advisory [corrected CVE id]
Started by Tomas Mraz on 2024-05-16 16:11:19 |
0
|
2024-05-16 16:11:19 by Tomas Mraz
|
[oss-security] OpenSSL Security Advisory
Started by Tomas Mraz on 2024-05-16 15:33:08 |
0
|
2024-05-16 15:33:08 by Tomas Mraz
|
[oss-security] CVE-2024-21823: Intel DSA and Intel IAA advisory
Started by Alan Coopersmith on 2024-05-15 17:50:46 |
0
|
2024-05-15 17:50:46 by Alan Coopersmith
|
[oss-security] CVE-2024-32077: Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
Started by Ephraim Anierobi on 2024-05-14 12:24:37 |
0
|
2024-05-14 12:24:37 by Ephraim Anierobi
|
[oss-security] Microsoft Device Firmware Configuration Interface (DFCI) in Linux efivars directory
Started by Corey Lopez on 2024-05-11 11:03:21 |
4
|
2024-05-13 15:46:50 by Jacob Bachmeyer
|
[oss-security] PowerDNS Security Advisory 2024-03: Transfer requests received over DoH can lead to a denial of service in DNSdist
Started by Remi Gacogne on 2024-05-13 10:18:29 |
0
|
2024-05-13 10:18:29 by Remi Gacogne
|
[oss-security] [vim-security] buffer-overlow in xxd with colored output < v9.1.0404
Started by Christian Brabandt on 2024-05-10 12:47:46 |
0
|
2024-05-10 12:47:46 by Christian Brabandt
|
Re: [oss-security] New SMTP smuggling attack
Started by Mark Esler on 2024-04-30 10:14:00 |
7
|
2024-05-09 21:38:38 by Erik Auerswald
|
[oss-security] CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access
Started by Arnout Engelen on 2024-05-09 11:04:34 |
0
|
2024-05-09 11:04:34 by Arnout Engelen
|
[oss-security] [kubernetes] CVE-2024-3744: azure-file-csi-driver discloses service account tokens in logs
Started by Rita Zhang on 2024-05-09 11:01:09 |
0
|
2024-05-09 11:01:09 by Rita Zhang
|
[oss-security] CVE-2024-26579: Apache Inlong JDBC Vulnerability
Started by Charles Zhang on 2024-05-09 10:55:33 |
0
|
2024-05-09 10:55:33 by Charles Zhang
|
[oss-security] CVE-2024-32113: Apache OFBiz: Path traversal leading to RCE
Started by Jacques Le Roux on 2024-05-09 10:52:53 |
0
|
2024-05-09 10:52:53 by Jacques Le Roux
|
[oss-security] Xen Security Advisory 457 v3 (CVE-2024-27393) - Linux/xen-netfront: Memory leak due to missing cleanup function
Started by Xen.org security team on 2024-05-08 22:20:36 |
0
|
2024-05-08 22:20:36 by Xen.org security team
|
[oss-security] [security] Go 1.22.3 and Go 1.21.10 are released
Started by Alan Coopersmith on 2024-05-08 17:32:12 |
0
|
2024-05-08 17:32:12 by Alan Coopersmith
|
Re: [oss-security] CVE-2024-26925: Linux: nf_tables: locking issue in the nf_tables_abort() function
Started by Salvatore Bonaccorso on 2024-05-08 13:23:29 |
0
|
2024-05-08 13:23:29 by Salvatore Bonaccorso
|
[oss-security] Xen Security Advisory 457 v2 - Linux/xen-netfront: Memory leak due to missing cleanup function
Started by Xen.org security team on 2024-05-08 11:05:01 |
0
|
2024-05-08 11:05:01 by Xen.org security team
|
[oss-security] Xen Security Advisory 457 v1 - Linux/xen-netback: Memory leak due to missing cleanup function
Started by Xen.org security team on 2024-05-07 17:15:53 |
0
|
2024-05-07 17:15:53 by Xen.org security team
|
[oss-security] Xen Security Advisory 456 v3 (CVE-2024-2201) - x86: Native Branch History Injection
Started by Xen.org security team on 2024-05-07 17:13:19 |
0
|
2024-05-07 17:13:19 by Xen.org security team
|
[oss-security] GLib (2.26.0+): GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing
Started by Philip Withnall on 2024-05-07 15:10:43 |
0
|
2024-05-07 15:10:43 by Philip Withnall
|
[oss-security] HNS-2024-07 - HN Security Advisory - Multiple vulnerabilities in RIOT OS
Started by Marco Ivaldi on 2024-05-07 10:55:16 |
0
|
2024-05-07 10:55:16 by Marco Ivaldi
|
[oss-security] CVE-2024-28148: Apache Superset: Incorrect datasource authorization on explore REST API
Started by Daniel Gaspar on 2024-05-07 10:52:48 |
0
|
2024-05-07 10:52:48 by Daniel Gaspar
|
[oss-security] CVE-2023-49606, CVE-2023-40533: memory safety vulnerabilities in tinyproxy <=1.11.1
Started by Valtteri Vuorikoski on 2024-05-07 10:49:54 |
0
|
2024-05-07 10:49:54 by Valtteri Vuorikoski
|
[oss-security] The GNU C Library security advisories update for 2024-05-06
Started by Carlos O'Donell on 2024-05-06 19:32:28 |
0
|
2024-05-06 19:32:28 by Carlos O'Donell
|
[oss-security] Fwd: uriparser 0.9.8 released, includes security fixes
Started by Sebastian Pipping on 2024-05-06 10:06:51 |
1
|
2024-05-06 10:32:56 by Solar Designer
|
[oss-security] CVE-2023-35701: Apache Hive: Arbitrary command execution via JDBC driver
Started by Stamatis Zampetakis on 2024-05-03 10:53:02 |
0
|
2024-05-03 10:53:02 by Stamatis Zampetakis
|
Re: [oss-security] escaping terminal control characters (was Re: backdoor in upstream xz/liblzma leading to ssh server compromise)
Started by Sam James on 2024-05-02 21:36:43 |
2
|
2024-05-03 10:50:44 by Steffen Nurpmeso
|
[oss-security] CVE-2024-30251: DoS in aiohttp
Started by Sam Bull on 2024-05-02 14:09:49 |
0
|
2024-05-02 14:09:49 by Sam Bull
|
[oss-security] CVE-2024-32638: Apache APISIX: Forward-Auth Request Smuggling
Started by YuanSheng Wang on 2024-05-02 13:04:33 |
0
|
2024-05-02 13:04:33 by YuanSheng Wang
|