aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
Commit message (Expand)AuthorAgeFilesLines
* Fix up last commit (tnftp entry):nectar2005-01-071-4/+4
* Document vulnerabilites in tnftpahze2005-01-071-0/+28
* Document several vulnerabilites in tiff.simon2005-01-071-0/+96
* Fill in forgotten `cite' attribute value.nectar2005-01-071-1/+1
* Document a local vulnerability in VIM's modeline handling.nectar2005-01-071-0/+41
* Add a CERT VU reference for the latest Acrobat Reader vulnerability.nectar2005-01-061-0/+5
* Document buffer overflow vulnerabilities in pcal.simon2005-01-061-0/+28
* Add (now deleted) exim-ldap package to latest exim entry.simon2005-01-061-0/+1
* s/le/lt/ on my last commit. it's "<", not "<=".sem2005-01-051-5/+5
* exim -- two relatively minor security issuessem2005-01-051-0/+43
* For the "kdelibs3 -- konqueror FTP command injection vulnerability"simon2005-01-051-2/+2
* Document security issues in golddig, greed, mpg123.josef2005-01-041-0/+95
* Mark open-motif-2.2.3_1 as fixed with regard to the "xpm -- imagesimon2005-01-031-2/+5
* - Note that the port update to up-imapproxy 1.2.2 included a patch tosimon2005-01-021-1/+5
* Document vulnerabilities in up-imapproxy.simon2005-01-021-0/+34
* Add two bugtraq ids to the latest a2ps entry.simon2005-01-021-0/+3
* Document FTP command injection vulnerability in kdelibs3.simon2005-01-011-0/+36
* Improve topic for latest phpbb vulnerability to highlight the mainsimon2004-12-311-1/+2
* Document insecure temporary file creation in a2ps.simon2004-12-311-0/+29
* Add more references to two older entries.simon2004-12-301-1/+5
* Add m odified date to my last commit.josef2004-12-301-0/+1
* libxine is also affected by the mplayer vulnerabilities.josef2004-12-301-1/+8
* Document vulnerability in libxine.josef2004-12-301-0/+24
* Document vulnerability in jabberd1josef2004-12-271-0/+24
* s/kpdf/kdegraphicsjosef2004-12-251-1/+1
* Add ports to xpdf report that come with own xpdf in distfile.josef2004-12-241-0/+21
* Remove duplicate word in the latest squid entry.simon2004-12-231-1/+1
* Document potentially confusing results results on empty ACLsimon2004-12-231-0/+30
* Document multiple vulnerabilities in ethereal.simon2004-12-231-0/+49
* Document a buffer overflow vulnerability in xpdf.simon2004-12-231-0/+31
* Document phpBB vulnerability that exists on phpBB < 2.0.11delphij2004-12-221-0/+34
* Document a vulnerability in acroread.simon2004-12-221-0/+36
* Document a vulnerability in ecartis.simon2004-12-221-0/+30
* Document multiple vulnerabilities in mplayer.simon2004-12-221-0/+40
* Document a heap buffer overflow vulnerability in MIT Kerberos 5.simon2004-12-211-0/+37
* Document an integer overflow vulnerability in samba.simon2004-12-211-0/+40
* Corrected typo (blockquote in wrong place).niels2004-12-201-1/+1
* - Update the corrected version number for recent phpMyAdmin entry to matchsimon2004-12-191-2/+4
* Updates for the latest PHP entry:simon2004-12-191-1/+4
* Correct recent php entry, 4.3.10 and 5.0.3 are fixed.simon2004-12-171-4/+4
* Fix VID for the last commit.sem2004-12-171-1/+1
* Multiple vulnerabilities in PHP. From Secunia report.sem2004-12-171-0/+52
* Added 5 MySQL vulnerabilitiesniels2004-12-161-0/+177
* Document two vulnerabilities in phpMyAdmin.simon2004-12-161-0/+65
* Document multiple vulnerabilities in wget.simon2004-12-151-0/+44
* - Add bugtraqid references to several entries.simon2004-12-131-1/+12
* Document security issue in Konqueror.josef2004-12-131-0/+26
* Document a NULL pointer dereference vulnerability in mod_access_referer.simon2004-12-121-0/+31
* Integrate the following vendor patches as published onsem2004-12-091-0/+27
* Document information leakage in viewcvs.simon2004-12-081-0/+25
* Document a symlink attack vulnerability in cscope.simon2004-12-071-0/+28
* . Put the topic in the same format all other recent topics have been in forglewis2004-12-051-1/+6
* Add cvename to bnc vulnerability.simon2004-12-051-0/+1
* Document a remote code execution vulnerability in bnc.simon2004-12-051-0/+34
* Fix grammar nit in ImageMagick entry.simon2004-12-051-1/+1
* For the Java plugin vulnerability, also match the linux-jdk packagesimon2004-12-051-1/+2
* . Note that although linux-sun-jdk13 had one plugin vulnerability fixedglewis2004-12-041-1/+1
* Document vulnerability that allows arbitrary command execution in rsshrushani2004-12-031-0/+33
* Document buffer overflows in rockdodger.naddy2004-12-031-0/+27
* Add CVE to zip vulnerability.simon2004-12-021-0/+1
* Document a long path buffer overflow in zip.simon2004-12-021-0/+33
* Document signal delivery vulnerability in sudoscript.simon2004-12-011-0/+23
* Document vulnerability in net/jabberd.josef2004-12-011-0/+27
* Document vulnerability in net/opendchub.josef2004-11-301-0/+26
* Add Bugtraq ID for SA-04:16.fetch entry.simon2004-11-291-0/+1
* Document two vulnerabilities in unarj.simon2004-11-271-0/+53
* . Mark linux-ibm-jdk as also vulnerable to the Java plugin vulnerability.glewis2004-11-261-0/+4
* . Fix the range and add an additional range for the jdk vulnerability.glewis2004-11-261-1/+12
* . Fix whitespace.glewis2004-11-261-6/+6
* . Add an entry for the problem in the Java plugin.glewis2004-11-261-0/+31
* Update ruby CGI DoS entry to note that the most recent version insimon2004-11-251-2/+3
* Document vulnerability in ftp/prozilla.josef2004-11-251-0/+27
* correct fixed versionume2004-11-241-2/+2
* c0a269d5-3d16-11d9-8818-008088034841 andume2004-11-241-2/+6
* Document that the twiki vulnerability is fixed in twiki-20040902.simon2004-11-231-1/+2
* add Cyrus IMAP Server multiple remote vulnerabilities.ume2004-11-231-0/+134
* Add CVE reference for the SA-04:16.fetch entry.simon2004-11-211-0/+1
* Document vulnerability in phpmyadmin.josef2004-11-201-0/+25
* Add localized versions of gd port to the VuXML entry.josef2004-11-191-0/+2
* Document SA-04:16.fetch.simon2004-11-181-0/+36
* Document the buffer overrun vulnerability in samba3josef2004-11-181-0/+27
* Correct range for xpdf vulnerability, as cups-base got a fixingjosef2004-11-181-1/+1
* The last commit to japanese/samba also fixed the security issuejosef2004-11-171-1/+4
* Add CVE name to twiki entry.simon2004-11-171-0/+1
* Add teTeX-base to affected packages in xpdf's vuxml entry.josef2004-11-171-0/+4
* Document arbitrary shell command execution in twiki.simon2004-11-151-0/+33
* Document a format string vulnerability in proxytunnel.simon2004-11-151-0/+36
* Fix entry date for the ruby entry from the last commit.simon2004-11-131-1/+1
* - Document at DoS in the Ruby CGI module.simon2004-11-131-0/+60
* Add CVE name for gnats issue.nectar2004-11-121-1/+2
* Note (likely) remotely exploitable vulnerability in samba 3.nectar2004-11-121-0/+33
* Document vulnerability in GNATS.josef2004-11-121-0/+24
* Document a XSS in squirrelmail.simon2004-11-121-0/+32
* Fix entry date.josef2004-11-121-1/+1
* Document BNC vulnerability.josef2004-11-121-0/+25
* Note old hafiye bug.nectar2004-11-121-0/+36
* Fix a format string vulnerability in ez-ipupdate.naddy2004-11-111-0/+27
* Document a buffer overflow in ImageMagick's EXIF parser.simon2004-11-111-0/+26
* Correct recent Apache 2 entry to not match Apache 1.X.simon2004-11-111-1/+2
* Document vulnerability in Apache 2 (CAN-2004-0942).josef2004-11-111-0/+26
* Update the libxml vulnerability to indicate the fixed version.marcus2004-11-111-1/+2
* Document a format string vulnerability in socat.simon2004-11-101-0/+33
* Document remote buffers overflow in libxml and libxml2.simon2004-11-101-0/+32
* The bugs discovered by Chris Evans have been fixednectar2004-11-101-2/+2
* Fix pkgnames for mod_include vulnerability.josef2004-11-081-6/+6
* Document a virus detection evasion in p5-Archive-Zip.simon2004-11-081-0/+27
* Document mod_include vulnerability in apache and related ports.josef2004-11-061-0/+54
* Document an insecure temporary file creation in postgresql-contrib.simon2004-11-061-0/+31
* Bump modified date in the entry for the last commit.simon2004-11-061-0/+1
* Update latest mpg123 entry to note that the port is fixed in the mostsimon2004-11-061-1/+1
* There was a gd 1.X port with portepoch 2 for a while, so let the gdsimon2004-11-051-0/+1
* Document an integer overflow in the GD Graphics Library.simon2004-11-051-0/+33
* Correct entry date for the putty entry.simon2004-11-041-1/+1
* Document vulnerability in puttyjosef2004-11-041-0/+28
* Add an entry for a wzdftpd remote DoS.simon2004-11-041-0/+22
* Updates to the bogofilter entry:simon2004-11-041-1/+4
* Update linux-openmotif to 2.2.4 to fix the security.mezz2004-11-021-1/+4
* Document rssh format string vulnerability.josef2004-10-281-0/+26
* Create a VuXML entry for Horde XSS help window vulnerability to replacenectar2004-10-271-0/+28
* Document a denial-of-service issue in bogofilter.nectar2004-10-261-0/+33
* Fix integer overflow vulnerabilities.nork2004-10-261-1/+4
* Document xpdf 2 and xpdf 3 vulnerabilities.nectar2004-10-261-0/+38
* Document several security issues in gaim, fixed in various versions fromnectar2004-10-261-5/+222
* Note that the Red Hat based linux_base ports containnectar2004-10-261-1/+2
* Document SSL_Cypherbypass vulnerability in mod_ssljosef2004-10-251-0/+71
* - Document more buffer overflows in mpg123.simon2004-10-241-0/+37
* I suck. (Correct a typo that would have been readily detected ifnectar2004-10-221-1/+1
* Add CVE name for cabextract issue.nectar2004-10-221-0/+2
* Fix a copy/paste typo in last commit.simon2004-10-221-1/+1
* Document DoS in Apache 2 SSL handling.simon2004-10-221-0/+37
* Note that xpm has been fixed.nectar2004-10-221-2/+8
* Update entry regarding INN 2.4.x buffer overflow:nectar2004-10-211-2/+3
* Document remote command execution vulnerability in phpMyAdmin.simon2004-10-211-0/+32
* Document insecure directory handling in cabextract.simon2004-10-211-0/+24
* Set correct entry date for the a2ps issue.simon2004-10-201-1/+1
* Document insecure command line argument handling in a2ps.simon2004-10-201-0/+41
* Document a vulnerability in ifmail. (There does not existnectar2004-10-201-0/+25
* Document a vulnerability in imwheel.nectar2004-10-191-0/+35
* Add CVE names for FreeRADIUS vulnerabilities.nectar2004-10-191-1/+6
* Document NTLM authentication vulnerability in squidjosef2004-10-191-0/+26
* Document a SQL command injection in Cacti.simon2004-10-191-0/+26
* Document a format string vulnerability in the apache13 mod_ssl proxysimon2004-10-181-0/+46
* - Change a few uses of <url> into <mlist>.simon2004-10-171-3/+3
* - Document remote DoS and loss of anonymity in Tor.simon2004-10-161-1/+35
* lesstif has been upgraded to a version that is not affected by thenectar2004-10-151-1/+1
* Recommit my changes from 1.298 which was accidently removed in 1.299.simon2004-10-151-2/+3
* Document two seperate security vulnerabilities injosef2004-10-151-3/+52
* Change the Xerces-C++ entry to match the xerces-c2 port.simon2004-10-151-2/+3
* Document vulnerability in freeradius.josef2004-10-141-0/+26
* - Document DoS in Xerces-C++.simon2004-10-141-1/+31
* It turns out that lesstif has libXpm sneakily embedded. There are atnectar2004-10-141-1/+5
* Document XSS in wordpress.simon2004-10-141-0/+24
* Document integer overflows in libtiff.nectar2004-10-141-0/+25
* - Document a CUPS local information disclosure.simon2004-10-141-0/+32
* Document a vulnerability in Zinf (freeamp).josef2004-10-141-0/+27
* Document libtiff RLE decoder issues.nectar2004-10-141-0/+26
* The sharutils buffer overflows has been fixed in sharutils 4.2.1_2.simon2004-10-131-1/+1
* Document a vulnerability in sharutils.simon2004-10-131-0/+31
* Document 2 DoS attacks possible againstjosef2004-10-131-0/+27
* ale@ reports that the only ports affected are php[45], php[45]-cgi,nectar2004-10-121-124/+2
* Note squid SNMP DoS. Based on an entry that wasnectar2004-10-121-0/+32
* The documented xv vulnerabilities were fixed by dinoex@nectar2004-10-121-1/+2
* Note that the image decoding vulnerabilities in gdk-pixbuf have beennectar2004-10-121-2/+5
* Document older cyrus-sasl bug affecting DIGEST-MD5.nectar2004-10-121-0/+23
* Update the description of and list of packages affected by the PHP filenectar2004-10-121-14/+134
* Document unsafe use of environmental variable SASL_PATH in cyrus-sasl.nectar2004-10-091-0/+31
* Add some more apache ports.trhodes2004-10-061-2/+14
* Add imp3 issue, add apache13-ssl issue, correct a tag.trhodes2004-10-061-2/+31
* Note that older packages of bmon were dangerously installed set-user-ID.nectar2004-10-051-0/+25
* Document GnuTLS denial-of-service (already mentioned in portaudit'snectar2004-10-051-0/+39
* Record another PHP vulnerability.nectar2004-10-051-0/+45
* Record another PHP security issue.nectar2004-10-051-1/+50
* Note that xv should not be used.nectar2004-10-051-0/+40
* Note a symlink vulnerability in getmail.nectar2004-10-051-0/+28
* Fill in empty topic from previous commit.nectar2004-10-051-1/+1
* Record FreeBSD-SA-04:15.syscons.nectar2004-10-051-0/+38
* Add missing PORTEPOCH for samba.nectar2004-10-041-1/+1
* Note racoon certificate verification bug.nectar2004-10-041-0/+26
* Note distcc IP address ACL bug.nectar2004-10-031-1/+27
* Remove a duplicate entry.nectar2004-10-031-56/+5
* Correct the version number for latest Mozilla entry.nectar2004-10-011-4/+4
* Document the last few of the relatively recent Mozilla vulnerabilities.nectar2004-10-011-0/+110
* Correct mangled CVE name: s/8983/0903/nectar2004-10-011-1/+2
* Add another two older vulnerabilities affecting Mozilla & co.nectar2004-10-011-8/+161
* Don't forget `ja-samba' also.nectar2004-10-011-0/+1
* Note samba file disclosure vulnerability.nectar2004-10-011-0/+31
* Fix apache version number entry, bump modified date for apache as well.trhodes2004-09-301-2/+2
* Make an initial attempt at covering all Mozilla/Firefox/Thunderbirdnectar2004-09-291-9/+36
* Correct spelling of phpnuke package name.nectar2004-09-281-1/+2
* Note BMP decoder flaws in Mozilla/Firefox/Thunderbird.nectar2004-09-281-0/+48
* Note stack buffer overflow in Mozilla mail.nectar2004-09-281-1/+41
* Document Mozilla/Firefox/Thunderbird heap buffer overflows.nectar2004-09-281-0/+57
* Correct the package name for phpMyAdmin.nectar2004-09-281-1/+2
* Add CERT Vulnerability Note references to xpm entry.nectar2004-09-271-1/+3
* Note two older vulnerabilities in PHP.nectar2004-09-271-0/+111
* Note subversion information disclosure vulnerability.nectar2004-09-271-0/+36
* Add missing PORTEPOCH in a mozilla entry.nectar2004-09-271-3/+5
* Forgot to add <modified> element for last commit.nectar2004-09-251-0/+1
* Add missing PORTEPOCH on one of the mozilla entries.nectar2004-09-251-1/+1
* Document vulnerabilities in lha.nectar2004-09-231-0/+41
* Lately it seems I like to use dashes in topics... but I should atnectar2004-09-231-19/+19
* Document mysql buffer overflow.nectar2004-09-231-0/+27
* Document Mozilla security icon spoofing vulnerability.nectar2004-09-231-0/+39
* Document Mozilla vulnerability involving NULL bytes in FTP URLs.nectar2004-09-231-1/+46
* Document Mozilla automatic file upload vulnerability.nectar2004-09-221-3/+28
* Document mozilla certificate import denial-of-service vulnerability.nectar2004-09-221-0/+48
* Note a file name disclosure issue in rssh.nectar2004-09-221-0/+38
* Add entry describe GNU Radius denial-of-service vulnerability.nectar2004-09-211-0/+36
* Add sudoedit vulnerability.nectar2004-09-211-0/+24
* In latest CVS entry, remove the reference to the exploit. It doesnectar2004-09-201-1/+0
* Oh yeah, add affected FreeBSD versions for CVS issues.nectar2004-09-201-1536/+1534
* Update CVS entry with some details.nectar2004-09-201-13/+31
* Add an entry for the mod_proxy buffer overflow existant in apache13.trhodes2004-09-201-0/+25
* Note some fixes for XPM image decoding vulnerabilities.nectar2004-09-181-4/+16
* Update to gdk-pixbuf vulnerability to reflect the fixed version of gtk20.marcus2004-09-171-1/+2
* Note that a patched version of webmin 1.150 is now available, thanksnectar2004-09-161-2/+4
* Note gdk-pixbuf image decoding issues.nectar2004-09-161-0/+36
* clement@ has patched Apache 2.nectar2004-09-161-3/+3
* Note CUPS printer queue browser denial-of-service.nectar2004-09-161-0/+24
* Note Apache 2 IPv6 address parsing bug.nectar2004-09-151-0/+28
* Note new libXpm vulnerabilities.nectar2004-09-151-0/+46
* I appear to have deleted a line at the last minute. Restore it.nectar2004-09-151-0/+1
* Add mod_dav denial-of-service issue.nectar2004-09-151-0/+28
* Oops, forgot to note that the previous issue affects only the Apache 2.xnectar2004-09-151-1/+1
* Add Apache 2 vulnerability concerning environmental variables innectar2004-09-151-0/+34
* Repair three <freebsdpr> elements. The content of these elementsnectar2004-09-151-3/+3
* Note that some versions of OpenOffice have been corrected.nectar2004-09-151-1/+2
* Fix botched date entry and correct iDefense URL.trhodes2004-09-141-2/+2
* Really add Samba 3 vulnerability.trhodes2004-09-141-1/+26
* Correct version. Note my last commit here was for mpg123 instead oftrhodes2004-09-141-1/+1
* - There is a WITHOUT_X11 version of ImageMagick that needs to benectar2004-09-141-2/+221
* Update for recent Samba3 vulnerabilities.trhodes2004-09-141-0/+27
* Adjust the affected version for imlib now that the 2nd instance of BMPnectar2004-09-021-1/+2
* The recent commit to the krb5 port brought the version to 1.3.4_1 butnectar2004-09-021-1/+1
* Note recent MIT Kerberos 5 vulnerabilities.nectar2004-09-011-0/+74
* Document imlib2 BMP decoder bug.nectar2004-08-311-0/+27
* Document BMP decoder bugs in imlib1 and ImageMagick.nectar2004-08-311-0/+50
* Correct bogus date in mysql entry. (It should be YYYY-MM-DD, notnectar2004-08-301-2/+2
* Add more references (particularly CVE names) for issues affectingnectar2004-08-301-8/+24
* correct/add some referenceseik2004-08-301-35/+48
* Document NSS SSLv2 server buffer overflow (already referenced innectar2004-08-271-0/+37
* Document ripMIME decoding bug (already referenced in portaudit.txt).nectar2004-08-271-1/+38
* Remove <modified/> from the gnomevfs vulnerability since it was the samemarcus2004-08-271-1/+0
* Update the gnomevfs entry to reflect the fixed versions.marcus2004-08-271-2/+3
* Add entry for moinmoin ACL bypass.trhodes2004-08-271-0/+28
* Note sanitize_path bug in rsync (already referenced in portaudit.txt).nectar2004-08-271-0/+32
* Unsafe URI handling in gnome-vfs, MidnightCommander.nectar2004-08-271-0/+38
* Document buffer overflows in SoX (already referenced in portaudit.txt).nectar2004-08-271-0/+30
* Document cookie bug in Konqueror (already referenced in portaudit.txt).nectar2004-08-271-0/+45
* Place port name in the description.trhodes2004-08-241-1/+2
generated by cgit (git 2.34.1) at 2025-01-09 07:23:05 +0800