吉祥寺北口システムが気になった記事をクリップしています。タイトルから元記事にリンクしています。タグは記事タイトルを形態素分析しています。たまにコメントをつけています。

oss-sec

• oss-sec: Security Advisory 2022-01 for PowerDNS Authoritative Server 4.4.2, 4.5.3, 4.6.0 and PowerDNS Recursor 4.4.7, 4.5.7, 4.6.0
  • 2022(1916)
  • 4.4.2(1)
  • 4.4.7(1)
  • 4.5.3(1)
  • 4.5.7(1)
  • 4.6.0(1)
  • Advisory(250)
  • and(3289)
  • Authoritative(17)
  • for(5179)
  • oss-sec(64)
  • PowerDNS(36)
  • Recursor(17)
  • Security(5710)
  • Server(698)
• oss-sec: libssh: Possible heap-buffer overflow when rekeying (CVE-2021-3634)
  • 2021(2113)
  • 3634(1)
  • CVE-(1427)
  • heap-buffer(2)
  • libssh(10)
  • oss-sec(64)
  • overflow(107)
  • possible(27)
  • rekeying(1)
  • when(84)
• oss-sec: Various security fixes in sudo 1.9.5 (CVE-2021-23239, CVE-2021-23240)
  • 1.9.5(1)
  • 2021(2113)
  • 23239(1)
  • 23240(1)
  • CVE-(1427)
  • fixes(57)
  • in(2447)
  • oss-sec(64)
  • Security(5710)
  • sudo(16)
  • various(6)
• oss-sec: [SECURITY] CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up
  • 13943(1)
  • 2020(1856)
  • apache(513)
  • CVE-(1427)
  • HTTP(335)
  • mix-up(1)
  • oss-sec(64)
  • request(43)
  • Security(5710)
  • Tomcat(109)
• oss-sec: PowerDNS Recursor 4.3.5, 4.2.5. and 4.1.18 released fixing a cache pollution issue (CVE-2020-25829)
  • 2020(1856)
  • 25829(1)
  • 4.1.18(1)
  • 4.2.5(1)
  • 4.3.5(2)
  • and(3289)
  • cache(25)
  • CVE-(1427)
  • fixing(9)
  • Issue(79)
  • oss-sec(64)
  • Pollution(5)
  • PowerDNS(36)
  • Recursor(17)
  • released(209)
• oss-sec: [ADVISORY] SQUID-2020:4 Multiple issues in HTTP Digest authentication
  • 2020(1856)
  • Advisory(250)
  • authentication(69)
  • Digest(4)
  • HTTP(335)
  • in(2447)
  • issues(108)
  • multiple(132)
  • oss-sec(64)
  • squid(17)
• oss-sec: [ADVISORY] SQUID-2019:12 Multiple issues in ESI Response processing
  • 12(1322)
  • 2019(1756)
  • Advisory(250)
  • ESI(1)
  • in(2447)
  • issues(108)
  • multiple(132)
  • oss-sec(64)
  • Processing(27)
  • response(312)
  • squid(17)
• oss-sec: Multiple vulnerabilities in Dovecot IMAP server
  • Dovecot(6)
  • IMAP(3)
  • in(2447)
  • multiple(132)
  • oss-sec(64)
  • Server(698)
  • Vulnerabilities(210)
• oss-sec: Short notes on qmail security guarantee
  • Guarantee(4)
  • Notes(225)
  • on(1868)
  • oss-sec(64)
  • qmail(1)
  • Security(5710)
  • Short(10)
• oss-sec: CVE-2019-19722: Critical vulnerability in Dovecot
  • 19722(1)
  • 2019(1756)
  • Critical(213)
  • CVE-(1427)
  • Dovecot(6)
  • in(2447)
  • oss-sec(64)
  • Vulnerability(515)
• oss-sec: Multiple vulnerabilities fixed in Git
  • Fixed(44)
  • Git(64)
  • in(2447)
  • multiple(132)
  • oss-sec(64)
  • Vulnerabilities(210)
• oss-sec: Exim CVE-2019-16928 RCE using a heap-based buffer overflow
  • 16928(2)
  • 2019(1756)
  • Buffer(37)
  • CVE-(1427)
  • Exim(15)
  • heap-based(3)
  • oss-sec(64)
  • overflow(107)
  • RCE(30)
  • using(213)
• oss-sec: CVE-2019-10222: ceph: unauthenticated clients can crash RGW
  • 10222(1)
  • 2019(1756)
  • can(241)
  • Ceph(11)
  • Clients(4)
  • Crash(19)
  • CVE-(1427)
  • oss-sec(64)
  • RGW(1)
  • Unauthenticated(13)
• oss-sec: WebKitGTK and WPE WebKit Security Advisory WSA-2019-0004
  • 0004(3)
  • 2019(1756)
  • Advisory(250)
  • and(3289)
  • oss-sec(64)
  • Security(5710)
  • WebKit(49)
  • WebKitGTK(2)
  • WPE(1)
  • WSA-(4)
• oss-sec: Security issues in various deepin D-Bus services and tools
  • and(3289)
  • D-Bus(1)
  • deepin(1)
  • in(2447)
  • issues(108)
  • oss-sec(64)
  • Security(5710)
  • Services(6355)
  • Tools(127)
  • various(6)
• oss-sec: Multiple vulnerabilities in Jenkins plugins
  • in(2447)
  • Jenkins(18)
  • multiple(132)
  • oss-sec(64)
  • PlugIns(17)
  • Vulnerabilities(210)
• oss-sec: [SECURITY ADVISORY] curl: TFTP receive buffer overflow
  • Advisory(250)
  • Buffer(37)
  • cURL(37)
  • oss-sec(64)
  • overflow(107)
  • Receive(6)
  • Security(5710)
  • TFTP(1)
• oss-sec: [SECURITY ADVISORY] curl: Integer overflows in curl_url_set
  • Advisory(250)
  • cURL(37)
  • in(2447)
  • Integer(7)
  • oss-sec(64)
  • overflows(2)
  • Security(5710)
  • Set(38)
  • URL(188)
• oss-sec: Multiple vulnerabilities in Dovecot 2.3
  • 2.3(17)
  • Dovecot(6)
  • in(2447)
  • multiple(132)
  • oss-sec(64)
  • Vulnerabilities(210)
• oss-sec: CVE-2018-5407: new side-channel vulnerability on SMT/Hyper-Threading architectures
  • 2018(1526)
  • 5407(2)
  • Architectures(4)
  • CVE-(1427)
  • Hyper-Threading(1)
  • new(1446)
  • on(1868)
  • oss-sec(64)
  • side-channel(8)
  • SMT(3)
  • Vulnerability(515)
• oss-sec: [SECURITY] Apache SpamAssassin 3.4.2 resolves CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781
  • 11780(1)
  • 11781(1)
  • 1238(3)
  • 15705(1)
  • 2016(235)
  • 2017(1203)
  • 2018(1526)
  • 3.4.2(1)
  • apache(513)
  • CVE-(1427)
  • oss-sec(64)
  • resolves(2)
  • Security(5710)
  • SpamAssassin(1)
• oss-sec: OpenSSH Username Enumeration
  • Enumeration(4)
  • OpenSSH-(49)
  • oss-sec(64)
  • Username(3)
• oss-sec: GNU Wget Cookie Injection [CVE-2018-0494]
  • 0494(1)
  • 2018(1526)
  • Cookie(141)
  • CVE-(1427)
  • GNU(53)
  • Injection(59)
  • oss-sec(64)
  • Wget(15)
• oss-sec: Announce: OpenSSH 7.7 released
  • 7.7(5)
  • announce(92)
  • OpenSSH-(49)
  • oss-sec(64)
  • released(209)
• oss-sec: GNU patch out of bounds read, null pointer crash and double free
  • and(3289)
  • bounds(5)
  • Crash(19)
  • Double(22)
  • Free(274)
  • GNU(53)
  • Null(28)
  • of(3341)
  • oss-sec(64)
  • out(146)
  • Patch(106)
  • Pointer(6)
  • read(39)
• oss-sec: PowerDNS Security Advisory 2017-08
  • 08(63)
  • 2017(1203)
  • Advisory(250)
  • oss-sec(64)
  • PowerDNS(36)
  • Security(5710)
• oss-sec: [ANNOUNCE] CVE-2017-5646: Apache Knox Impersonation Issue for WebHDFS
  • 2017(1203)
  • 5646(1)
  • announce(92)
  • apache(513)
  • CVE-(1427)
  • for(5179)
  • Impersonation(3)
  • Issue(79)
  • Knox(2)
  • oss-sec(64)
  • WebHDFS(1)
• oss-sec: CVE-2017-8301: TLS verification vulnerability in LibreSSL 2.5.1 – 2.5.3
  • 2.5.1(2)
  • 2.5.3(2)
  • 2017(1203)
  • 8301(1)
  • CVE-(1427)
  • in(2447)
  • LibreSSL(30)
  • oss-sec(64)
  • TLS(194)
  • Verification(26)
  • Vulnerability(515)
• oss-sec: CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution
  • 1.4.22(1)
  • 2017(1203)
  • 7692(1)
  • Code(400)
  • CVE-(1427)
  • execution(116)
  • oss-sec(64)
  • Remote(203)
  • Squirrelmail(1)
• oss-sec: Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)
  • 2017(1203)
  • 6074(3)
  • CVE-(1427)
  • DCCP(1)
  • double-free(3)
  • Kernel(80)
  • Linux(1215)
  • local(78)
  • oss-sec(64)
  • root(52)
  • Vulnerability(515)
• oss-sec: Libtiff 4.0.7 release fixes many security issues
  • 4.0.7(2)
  • fixes(57)
  • issues(108)
  • libtiff(4)
  • many(13)
  • oss-sec(64)
  • Release(853)
  • Security(5710)
• oss-sec: ffmpeg before 3.1.4 [CVE-2016-7562] [CVE-2016-7122] [CVE-2016-7450] [CVE-2016-7502] [CVE-2016-7555] [CVE-2016-7785] [CVE-2016-7905]
  • Before(22)
  • CVE-(1427)
  • FFmpeg(11)
  • oss-sec(64)
• oss-sec: [ANNOUNCE][CVE-2016-6802] Apache Shiro 1.3.2 released
  • announce(92)
  • apache(513)
  • CVE-(1427)
  • oss-sec(64)
  • released(209)
  • Shiro(2)
• oss-sec: CVE request for Dropbear SSH
  • CVE-(1427)
  • Dropbear(2)
  • for(5179)
  • oss-sec(64)
  • request(43)
  • SSH(59)
• oss-sec: PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load
  • Advisory(250)
  • Backend(21)
  • can(241)
  • cause(17)
  • Crafted(5)
  • Load(62)
  • oss-sec(64)
  • PowerDNS(36)
  • Queries(8)
  • Security(5710)
  • Unexpected(6)
• oss-sec: GraphicsMagick 1.3.25 fixes some security issues
  • fixes(57)
  • GraphicsMagick(1)
  • issues(108)
  • oss-sec(64)
  • Security(5710)
  • some(41)
• oss-sec: [Announce] CVE-2016-4437: Apache Shiro information disclosure vulnerability
  • announce(92)
  • apache(513)
  • CVE-(1427)
  • disclosure(47)
  • INFORMATION(226)
  • oss-sec(64)
  • Shiro(2)
  • Vulnerability(515)
• oss-sec: CVE request: OpenNTPD not verifying CN during HTTPS constraints request
  • cn(9)
  • constraints(3)
  • CVE-(1427)
  • during(53)
  • HTTPS(417)
  • Not(117)
  • oss-sec(64)
  • request(43)
  • verifying(1)
• oss-sec: Moodle security release 3.0.4, 2.9.6, 2.8.12, 2.7.14
  • Moodle(29)
  • oss-sec(64)
  • Release(853)
  • Security(5710)
• oss-sec: CVE-2015-1776: Apache Hadoop MapReduce, disclosure of encrypted data
  • apache(513)
  • CVE-(1427)
  • data(834)
  • disclosure(47)
  • encrypted(12)
  • Hadoop(70)
  • MapReduce(15)
  • of(3341)
  • oss-sec(64)
• oss-sec: CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege
  • Allow(28)
  • and(3289)
  • Arbitrary(26)
  • Code(400)
  • CVE-(1427)
  • Elevation(11)
  • execution(116)
  • installers(2)
  • of(3341)
  • oss-sec(64)
  • privilege(44)
  • TrueCrypt(3)
  • VeraCrypt(1)
  • Windows(3425)
  • with(1607)
• oss-sec: Status of CVE-2015-8126: libpng buffer overflow in png_set_PLTE
  • Buffer(37)
  • CVE-(1427)
  • in(2447)
  • libpng(4)
  • of(3341)
  • oss-sec(64)
  • overflow(107)
  • PLTE(2)
  • PNG(24)
  • Set(38)
  • Status(51)
• oss-sec: CVE request: libpng buffer overflow in png_set_PLTE
  • Buffer(37)
  • CVE-(1427)
  • in(2447)
  • libpng(4)
  • oss-sec(64)
  • overflow(107)
  • PLTE(2)
  • PNG(24)
  • request(43)
  • Set(38)
• oss-sec: Buffer overflow in libxml2
  • Buffer(37)
  • in(2447)
  • libxml(2)
  • oss-sec(64)
  • overflow(107)
• oss-sec: CVE Request: MediaWiki 1.25.3, 1.24.4 and 1.23.11
  • and(3289)
  • CVE-(1427)
  • MediaWiki(8)
  • oss-sec(64)
  • request(43)
• oss-sec: Qualys Security Advisory – LibreSSL (CVE-2015-5333 and CVE-2015-5334)
  • Advisory(250)
  • and(3289)
  • CVE-(1427)
  • LibreSSL(30)
  • oss-sec(64)
  • qualys(10)
  • Security(5710)
• oss-sec: [oCERT-2015-009] VLC arbitrary pointer dereference
  • Arbitrary(26)
  • dereference(2)
  • oCERT(3)
  • oss-sec(64)
  • Pointer(6)
  • VLC(21)
• oss-sec: [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure
  • apache(513)
  • CVE-(1427)
  • disclosure(47)
  • Groovy(9)
  • oss-sec(64)
  • Vulnerability(515)
  • Zero-Day(41)
• oss-sec: CVE-2015-3281 HAProxy information leak vulnerability
  • CVE-(1427)
  • HAProxy(7)
  • INFORMATION(226)
  • Leak(33)
  • oss-sec(64)
  • Vulnerability(515)
• oss-sec: Xen Security Advisory 137 (CVE-2015-3259) – xl command line config handling stack overflow
  • Advisory(250)
  • Command(76)
  • Config(63)
  • CVE-(1427)
  • Handling(17)
  • LINE(2409)
  • oss-sec(64)
  • overflow(107)
  • Security(5710)
  • Stack(107)
  • Xen(17)
  • XL(29)
• oss-sec: [ANNOUNCE] Apache Directory LDAP API 1.0.0-M31 released
  • announce(92)
  • apache(513)
  • API(1104)
  • Directory(82)
  • LDAP(11)
  • M-(8)
  • oss-sec(64)
  • released(209)
• oss-sec: Linux-PAM 1.2.1 released to address CVE-2015-3238
  • address(42)
  • CVE-(1427)
  • Linux-PAM(1)
  • oss-sec(64)
  • released(209)
  • to(3295)
• oss-sec: CVE-2015-3243 rsyslog: some log files are created world-readable
  • Are(214)
  • created(16)
  • CVE-(1427)
  • files(67)
  • log(103)
  • oss-sec(64)
  • rsyslog(1)
  • some(41)
  • world-readable(1)
• oss-sec: Re: PHP 5.6.10 / 5.5.26 / 5.4.42 CVE request
  • CVE-(1427)
  • oss-sec(64)
  • PHP(175)
  • RE(100)
  • request(43)
• oss-sec: PHP 5.6.10 / 5.5.26 / 5.4.42 CVE request
  • CVE-(1427)
  • oss-sec(64)
  • PHP(175)
  • request(43)
• oss-sec: CVE-2015-1835: Remote exploit of secondary configuration variables in Apache Cordova on Android
  • Android(2148)
  • apache(513)
  • configuration(20)
  • Cordova(17)
  • CVE-(1427)
  • Exploit(79)
  • in(2447)
  • of(3341)
  • on(1868)
  • oss-sec(64)
  • Remote(203)
  • secondary(5)
  • variables(3)
• oss-sec: CVE-2015-3200 Log injection in Lighttpd
  • CVE-(1427)
  • in(2447)
  • Injection(59)
  • Lighttpd(6)
  • log(103)
  • oss-sec(64)
• oss-sec: Moodle security advisories [vs]
  • Advisories(69)
  • Moodle(29)
  • oss-sec(64)
  • Security(5710)
  • vs(87)
• oss-sec: Docker 1.6.1 – Security Advisory [150507]
  • Advisory(250)
  • Docker(273)
  • oss-sec(64)
  • Security(5710)
• oss-sec: proftpd: Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy
  • allowed(2)
  • by(1069)
  • copy(18)
  • copying(1)
  • CPFR(1)
  • CPTO(1)
  • files(67)
  • mod(34)
  • of(3341)
  • oss-sec(64)
  • proftpd(7)
  • site(432)
  • Unauthenticated(13)
  • via(72)
• oss-sec: New Rootkit – Lightweight rootkit implemented by bash shell scripts v0.10
  • Bash(43)
  • by(1069)
  • implemented(2)
  • Lightweight(11)
  • new(1446)
  • oss-sec(64)
  • rootkit(9)
  • scripts(9)
  • shell(51)
• oss-sec: WebKitGTK Security Advisory WSA-2015-0001
  • Advisory(250)
  • oss-sec(64)
  • Security(5710)
  • WebKitGTK(2)
  • WSA-(4)
• oss-sec: Multiple vulnerabilities in LibTIFF and associated tools
  • and(3289)
  • associated(21)
  • in(2447)
  • libtiff(4)
  • multiple(132)
  • oss-sec(64)
  • Tools(127)
  • Vulnerabilities(210)
• oss-sec: Re: CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23
  • and(3289)
  • CVE-(1427)
  • MediaWiki(8)
  • oss-sec(64)
  • RE(100)
  • Releases(636)
  • request(43)
  • Security(5710)