aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
Commit message (Expand)AuthorAgeFilesLines
* rkhunter -- insecure temporary file creationgabor2007-09-051-0/+36
* lsh -- multiple vulnerabilitiesgabor2007-09-051-1/+29
* Document fetchmail -- denial of service on reject of localsimon2007-09-021-0/+34
* Document gtar directory traversal vulnerability.naddy2007-09-021-0/+32
* - Marked sylpheed2 as safe.miwi2007-08-291-1/+2
* - Fix a typo.miwi2007-08-281-1/+1
* - Document Sylpheed / Sylpheed-Claws POP3 Format String Vulnerabilitymiwi2007-08-281-0/+37
* From latest Opera entry:simon2007-08-261-10/+3
* linux-opera and (for the moment defunct) opera-devel are also affected byitetcu2007-08-241-0/+2
* Update vuln.xml for rsync 2.6.9_1 which fixed CVE-2007-4091delphij2007-08-231-1/+2
* Document rsync off-by-one stack overflow vulnerability.delphij2007-08-221-0/+30
* - Update the wordpress -- unmoderated comments disclosure entry. Is safe with...miwi2007-08-161-1/+2
* Add info about www/opera's JavaScript vulnerabilityitetcu2007-08-151-0/+34
* Fix the flac entry by specificing the correct fixed version.remko2007-08-101-1/+2
* - Document fsplib -- multiple vulnerabilitiesmiwi2007-08-031-0/+35
* Document joomla -- multiple vulnerabilitiesmiwi2007-08-031-0/+40
* Use the superseded attribute in the cancelled tcpdump entry.remko2007-08-021-1/+1
* Document FreeBSD -- Buffer overflow in tcpdump(1).remko2007-08-021-30/+43
* Bump modification date for: SA-07:04.fileremko2007-08-021-1/+1
* Correct the fixed version for the jail advisory which was revised yesterday.remko2007-08-021-3/+4
* Document FreeBSD -- Predictable query ids in named(8)remko2007-08-021-0/+39
* - Marked phpSysInfo as safemiwi2007-08-021-1/+1
* Update phpSysInfo entry: the current version (2.5.3) is affected.shaun2007-08-011-1/+2
* Update mozilla entrymiwi2007-08-011-1/+2
* Update the xpdf entrymiwi2007-07-311-1/+1
* Update xpdf entrymiwi2007-07-311-1/+5
* - Fix tcpdump entrymiwi2007-07-311-1/+1
* Document xpdf -- stack based buffer overflowmiwi2007-07-311-0/+55
* - Fix a typomiwi2007-07-311-1/+1
* - Document tcpdump -- remote integer underflow vulnerabilitymiwi2007-07-311-0/+33
* - Document mutt -- buffer overflow vulnerabilitymiwi2007-07-301-0/+35
* - Document p5-Net-DNS -- multiple Vulnerabilitiesmiwi2007-07-291-0/+34
* - Document phpsysinfo -- url Cross-Site Scriptingmiwi2007-07-291-0/+28
* - Document drupal -- Cross site request forgeriesmiwi2007-07-281-0/+70
* - Document vim -- Command Format String Vulnerabilitymiwi2007-07-281-0/+32
* - Document libvorbis - Multiple memory corruption flawsmiwi2007-07-271-0/+29
* Document XSS vulnerabilities in several tomcat versions;delphij2007-07-241-0/+44
* The previous vuxml entry applies to jakarta-tomcat 4.0.x as well, so markdelphij2007-07-241-0/+4
* Document multiple vulnerabilities found in www/tomcat41delphij2007-07-241-0/+30
* Document dokuwiki spellchecker XSS vulnerabilitiesdelphij2007-07-241-0/+37
* Fix last commit: the name tag was empty.simon2007-07-211-1/+1
* Document lighttpd multiple vulnerabilitiesdelphij2007-07-211-0/+31
* Add another reference to mozilla -- multiple vulnerabilities.simon2007-07-201-0/+1
* - Document opera -- multiple vulnerabilities.simon2007-07-201-6/+82
* Document mozilla -- multiple vulnerabilities.simon2007-07-201-0/+76
* Document linuxflashplugin critical vulnerabilities.delphij2007-07-181-0/+34
* - Fix the versions number of typespeed from 4.1.0 to 0.4.1miwi2007-07-091-1/+2
* - Fix the latest wireshark entries by correcting a typo and addingsat2007-07-071-2/+7
* - Document wireshark - Multiple problemsmiwi2007-07-061-0/+30
* - Document typespeed arbitrary code executiongabor2007-07-041-0/+29
* - Fix a typo vcl -> vlcmiwi2007-06-301-1/+1
* - Document vlc - format string vulnerability and integer overflowmiwi2007-06-291-0/+30
* - Document flac123 - stack overflow in comment parsingmiwi2007-06-291-0/+27
* Document gd -- multiple vulnerabilitiesremko2007-06-291-0/+67
* Document that CVE-2007-3257 was fixed with evolution-data-serverdelphij2007-06-281-1/+3
* - Fix modified date in mod_perl entrysat2007-06-281-1/+1
* Mark www/mod_perl2 fixed in version 2.0.3_2,3erwin2007-06-281-2/+2
* Document evolution-data-server remote arbitrary code executiondelphij2007-06-251-0/+30
* The XMLRPC SQL Injection issue with wordpress was addressed in theerwin2007-06-241-1/+2
* Document xpcd buffer overflow vulnerability.gabor2007-06-221-0/+32
* Document clamav -- multiple vulnerabilities.remko2007-06-201-0/+40
* Document SpamAssassin vulnerability CVE-2007-2873, a localdelphij2007-06-181-0/+28
* - Document cups -- Incomplete SSL Negotiation Denial of Service.miwi2007-06-131-0/+29
* - Fix other duplicate entry.miwi2007-06-101-4/+0
* - Document c-ares -- DNS Cache Poisoning Vulnerabilitymiwi2007-06-101-0/+29
* - Fix duplicate entry de-wordpress -> zh-wordpress.miwi2007-06-101-1/+1
* Add zh-wordpress as affected by the last two wordpress entries.gabor2007-06-101-0/+2
* wordpress -- XMLRPC SQL Injectiongabor2007-06-091-0/+71
* - Document webmin -- cross site scriptingmiwi2007-06-091-0/+31
* - The fixed mplayer version number is 0.99.10_10, mark it as such. [1]simon2007-06-081-7/+13
* - Fix mplayer portversion.miwi2007-06-071-1/+1
* - Document mplayer -- cddb stack overflow.miwi2007-06-071-0/+31
* - Note that plone is also affected by 34414a1e-e377-11db-b8ab-000c76189c4cgabor2007-06-061-1/+6
* - gzip 1.3.12 has been patched and is not affected bygabor2007-06-061-1/+2
* Document an information disclosure vulnerability in mod_jk < 1.2.23.erwin2007-06-051-0/+32
* Add an entry for an email header injection vulnerability inerwin2007-06-051-0/+30
* - Document phppgadmin - Cross Site Scripting Vulnerability.miwi2007-06-041-0/+31
* - Add entry for findutils -- GNU locate heap buffer overrun.trasz2007-06-021-0/+32
* Mark file < 4.21 as vulnerable to the heap overflow.delphij2007-05-311-0/+5
* Add an entry for the recent Freetype heap overflow vulnerability.marcus2007-05-251-0/+30
* Document FreeBSD-SA-07:04.file (heap overflow in file(1))remko2007-05-241-0/+40
* - Document squirrelmail -- Cross site scripting in HTML filtermiwi2007-05-221-0/+30
* Document png -- DoS crash vulnerability.simon2007-05-171-0/+32
* Document samba -- multiple vulnerabilities.simon2007-05-171-0/+63
* Backout last change.simon2007-05-111-4/+0
* Update PHP entry to include the vulnerable version so the entry issimon2007-05-112-2/+33
* Document a lot of PHP vulnerabilities, mark all php4 and php5 (+cli,cgi)remko2007-05-071-0/+69
* Bump modification date for the latest mod_perl entry, this was forgottenremko2007-05-071-0/+1
* Standarize the latest entry (qemu) a bit more and add a forgotten 'a'remko2007-05-031-4/+5
* Document multiple qemu vulnerabilitiesnox2007-05-021-0/+53
* Update to 0.57 - fixes possible overflow vulnerability regarding malformedlbr2007-05-011-0/+33
* Document FreeBSD -- IPv6 Routing Header 0 is dangerousremko2007-04-291-0/+44
* Rework the mod_perl entry to note that Mandriva originally releasederwin2007-04-261-2/+7
* Minor wordsmithing in the last mod_perl entry.erwin2007-04-261-3/+3
* Add entry for mod_perl -- remote DOS in PATH_INFO parsingerwin2007-04-261-0/+29
* p5-Crypt-OpenPGP 1.03_1 should not be vulnerable to CVE-2005-0366.tobez2007-04-231-2/+2
* - Mark latest firefox and seamonkey snapshots as safesat2007-04-191-3/+9
* - Add entry for claws-mail - APOP vulnerabilitymiwi2007-04-191-0/+29
* lighttpd -- DOS when access files with mtime 0mnag2007-04-141-0/+63
* - Add freeradius-mysql to the list of affected packages of the recentstas2007-04-131-0/+1
* Mark Google Earth >= 4.0.2414 as safe.flz2007-04-131-1/+2
* - Document recent remote dos vulnerability in freeradius.stas2007-04-131-0/+33
* Add an extra reference to the old "gnupg -- OpenPGP symmetricsimon2007-04-111-1/+2
* Document fetchmail's "insecure APOP authentication" issue (fixed in 6.3.8).barner2007-04-101-0/+35
* Stylify the latest zope entry:remko2007-04-091-20/+21
* Add entry for exploitable buffer overflow in mcweject.stefan2007-04-091-0/+30
* Add entry for webcalendar "noSet" variable overwrite vulnerability.stefan2007-04-081-0/+35
* Add entry for Zope2 cross-site scripting vulnerability.stefan2007-04-081-0/+33
* Remove f951cf4a-a1fe-11db-98f9-0004aca3703d entry. It's duplicate tosem2007-04-011-30/+0
* - Fix versions and dates in latest squid entrysat2007-03-221-4/+4
* Standarise the latest Squid entry.remko2007-03-221-8/+8
* - Add entry for squid TRACE method handling denial of servicemiwi2007-03-211-0/+33
* Fix range for sql-ledger entry which I missed in my original review.simon2007-03-171-1/+1
* Document sql-ledger vulnerabilitylth2007-03-161-0/+41
* Document cacti -- remote injection exploitremko2007-03-161-0/+30
* Correct two tdiary entries:remko2007-03-161-5/+16
* Document two long forgotten Samba vulnerabilities.remko2007-03-161-0/+73
* ktorrent -- multiple vulnerabilities:markus2007-03-151-1/+3
* Spell out multiple vulnerabilities instead of specifying the exactremko2007-03-121-1/+3
* Fix typo in PHP entrymarkus2007-03-121-1/+1
* Document ktorrent -- two vulnerabilitiesmarkus2007-03-121-0/+33
* Add ja-trac-*.kuriyama2007-03-101-0/+4
* - fix typomiwi2007-03-091-1/+1
* - Add entry for mplayer -- DMO File Parsing Buffer Overflow Vulnerabilitymiwi2007-03-091-0/+35
* - Add entry for Trac "download wiki page as text" Cross-Site Scripting Vulner...miwi2007-03-091-0/+31
* Correct affected versions in "mod_jk -- long URL stack overflowsimon2007-03-061-1/+2
* Document mod_jk -- long URL stack overflow vulnerability.simon2007-03-061-0/+37
* For recent "mozilla -- multiple vulnerabilities" entry:simon2007-03-021-2/+5
* Document bind -- Multiple Denial of Service vulnerabilitiesremko2007-02-281-0/+50
* Document FreeBSD -- Jail rc.d script privilege escalationremko2007-02-281-0/+60
* Document: gtar -- name mangling symlink vulnerabilityremko2007-02-281-0/+39
* Document FreeBSD -- Kernel memory disclosure in firewire(4).remko2007-02-281-0/+47
* Document libarchive -- Infinite loop in corrupt archives handling inremko2007-02-271-5/+41
* Document FreeBSD SA 06:23 OpenSSL - Multiple problems in crypto (3).remko2007-02-271-0/+63
* - Bump modified date for last update in mozilla entry.simon2007-02-261-1/+2
* Extend the latest gecko vulnerabilities to mail/lightning.ahze2007-02-261-0/+4
* Fix whitespace which I forgot before committing the last update.simon2007-02-251-7/+7
* Document mozilla -- multiple vulnerabilities.simon2007-02-251-0/+82
* Document snort -- DCE/RPC preprocessor vulnerability.simon2007-02-221-0/+45
* Document rar -- password prompt buffer overflow vulnerability.simon2007-02-171-0/+46
* Mark 5.2.1_2 as the first safe version for the recent "php -- multiplesimon2007-02-171-1/+1
* Document php -- multiple vulnerabilities.simon2007-02-171-0/+70
* joomla -- multiple remote vulnerabilitiesgabor2007-01-181-0/+41
* Document two sircd vulnerabilities:gabor2007-01-151-0/+62
* - Document multple net/cacti vulnerabilities.sem2007-01-121-0/+29
* Add mplayer RealMedia RTSP streams buffer overflow entry.itetcu2007-01-091-0/+40
* Document two fetchmail vulnerabilities.barner2007-01-061-0/+75
* Document opera -- multiple vulnerabilities.simon2007-01-061-0/+58
* Upgrade drupal to 4.7.5 fixing a couple security issues.brooks2007-01-061-0/+41
* Unbreak file by using &amp; in w3m entry.simon2007-01-041-3/+3
* Document a format string vulnerability of w3m.nobutaka2007-01-021-0/+35
* - Document www/plone vulnerabilitygabor2006-12-281-0/+29
* - Update the www/zope entry to indicate it is fixed nowgabor2006-12-281-2/+3
* phpbb -- NULL byte injection vulnerability has been fixed indelphij2006-12-241-2/+2
* Add an entry for recently fixed proftpd remote code executiondelphij2006-12-211-0/+26
* Document gzip -- multiple vulnerabilities, this is FreeBSD-SA06:21.gzipremko2006-12-201-0/+48
* Document bind9 -- Denial of Service in named(8) which is also knownremko2006-12-201-0/+55
* Document openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)remko2006-12-201-0/+46
* sql-ledger -- multiple vulnerabilitieslth2006-12-191-0/+39
* Update several entries, making them a bit clearer (Were possible),remko2006-12-161-36/+16
* Document the recent D-BUS vulnerability as described by CVE-2006-6107.marcus2006-12-151-0/+32
* - evince -- Buffer Overflow Vulnerabilitymnag2006-12-151-0/+31
* - Change spaces to tabs in <name> and <range>mnag2006-12-141-28/+24
* tDiary - Injection Vulnerabilitymiwi2006-12-141-0/+23
* - wv -- Multiple Integer Overflow Vulnerabilitiesmnag2006-12-131-0/+35
* - wv2 -- Integer Overflow Vulnerabilitymnag2006-12-131-0/+32
* - Fix tnftpd entry (made validate happy)miwi2006-12-131-1/+0
* tnftpd - remote root exploitmiwi2006-12-131-0/+24
* - clamav -- Multipart Nestings Denial of Servicemnag2006-12-131-0/+35
* Rewrite the libxine entry:remko2006-12-091-24/+17
* Add an entry for libxine multiple buffer overflow vulnerabilities.nobutaka2006-12-081-0/+45
* - Ok. gnupg-devel are not affected.mnag2006-12-071-4/+0
* - Add gnupg-devel package in last entrymnag2006-12-071-0/+5
* * Fix typo in the latest GnuPG entry, inherited from the original messagevd2006-12-071-2/+2
* Add CVE-2006-6235 entry for GnuPG.kuriyama2006-12-071-0/+60
* - Add a modified field for the entry, touched by the previous commitstas2006-12-051-0/+1
* - List all affected packages for the Novermber ruby cgi DOS vulnerabilitystas2006-12-051-1/+16
* - Documenet ruby cgi library vulnerabilitystas2006-12-051-0/+46
* - Document buffer overflow vulnerabilities in the libmusicbrainz.stas2006-12-031-0/+34
* Fix markup in last entry so the file is valid XML again.simon2006-12-031-3/+2
* - Add a entry for www/tDiary, www/tDiary-develmiwi2006-12-021-0/+25
* - Document the SGI Image File heap overflow vulnerability in ImageMagickstas2006-12-021-0/+34
* Document "gtar -- GNUTYPE_NAMES directory traversal vulnerability".naddy2006-12-011-0/+31
* Document 'kronolith -- arbitrary local file inclusion vulnerability'shaun2006-11-301-0/+33
* In latest gnupg entry:simon2006-11-281-10/+8
* Add recent gnupg one.kuriyama2006-11-281-0/+33
* Add <modified> tag to previous proftpd entry.shaun2006-11-211-0/+1
* Add proftpd-mysql to the previous entry.shaun2006-11-151-0/+1
* Document "proftpd -- Remote Code Execution Vulnerability".shaun2006-11-151-0/+32
* The Command Injection Vulnerability was corrected by awstats 6.5_2,1.delphij2006-11-151-2/+2
* Add archivers/unzoo Directory Traversal Vulnerability.ehaupt2006-11-141-0/+34
* Add bugzilla -- multiple vulnerabilities entry.simon2006-11-111-2/+57
* Add cvs+ipv6 to the cvsbug to the vulnerability.remko2006-11-091-0/+5
* - Document recent vulerabilties in the imlib2.stas2006-11-091-0/+38
* - Document recent vulnerability in the ruby CGI library.stas2006-11-051-0/+35
* - pgp < 3.0 and pgpin does not support OpenPGP formatdinoex2006-11-031-2/+4
* The latest couple of firefox vulnerabilities should be fixed in thesimon2006-11-021-4/+4
* ru-apache and ru-apacvhe+mod_ssl were fixed.lev2006-11-011-1/+8
* Add a <modified> tag with the current date to reflect my previous change.vd2006-10-301-0/+1
* Fix typo: "Dmitri Lenev reports reports a privilege ..."vd2006-10-301-1/+1
* Document screen -- combined UTF-8 characters vulnerability.simon2006-10-301-0/+29
* Document two MySQL privilege escalations.simon2006-10-291-0/+60
* - Add entry for www/serendipity and www/serendipity-develmiwi2006-10-231-0/+35
* Document an integer overflow vulnerability in Qt and kdelibs, based on anmarkus2006-10-231-0/+39
* Add reference, which I missed the first time around, from Operasimon2006-10-211-0/+1
* Document opera -- URL parsing heap overflow vulnerability.simon2006-10-211-0/+37
* Minor correction to last commit; the NVIDIA driver version 1.0.8762simon2006-10-211-1/+1
* Update entry for nvidia-driver -- arbitrary root code executionsimon2006-10-211-4/+9
* Document asterisk -- remote heap overwrite vulnerabilityremko2006-10-201-0/+30
* Some style changes to the plone entry.remko2006-10-201-13/+11
* - Add a entry for www/plonemiwi2006-10-201-0/+37
* Document:shaun2006-10-191-0/+108
* Document "ingo -- local arbitrary shell command execution"shaun2006-10-191-0/+27
* Update php -- _ecalloc Integer Overflow Vulnerability entry withsimon2006-10-181-3/+20
* Mark multimedia/win32-codecs as not-vulnerable after the quicktime codecserwin2006-10-171-2/+2
* Document "nvidia-driver -- arbitrary root code execution vulnerability".simon2006-10-171-0/+36
* - Mark php open_basedir fixedsat2006-10-171-2/+3
* - clamav -- CHM unpacker and PE rebuilding vulnerabilitiesmnag2006-10-161-0/+38
* - Add some referencessat2006-10-161-6/+27
* - Document temporary file symlink privilege escalation in tkdiffsat2006-10-161-1/+28
* - Document multiple remote file inclusion vulnerabilities in vtigersat2006-10-151-0/+31
* - Document heap overflow in the KML engine in google-earthsat2006-10-141-0/+28
* devel/cscope was fixed in version 15.6 so use lt instead of le.erwin2006-10-111-2/+2
* Mark zgv as fixed wrt. "zgv, xzgv -- heap overflow vulnerability".simon2006-10-091-1/+2
* - Add php-suhosin to edabe438-542f-11db-a5ae-00508d6a62dfsat2006-10-091-1/+5
* - Fix python package naming in 6afa87d3-764b-11d9-b0e7-0000e249a0a2sat2006-10-081-3/+2
* Update versions affected by python -- buffer overrun in repr() forsimon2006-10-081-4/+7
* Fix whitespace in openssh -- multiple vulnerabilities entry, which Isimon2006-10-081-17/+17
* Update vuxml id 5a39a22e-5478-11db-8f1a-000a48049292tmclaugh2006-10-081-1/+1
* Remove mono-devel and mono-svn from 5a39a22e-5478-11db-8f1a-000a48049292tmclaugh2006-10-081-5/+0
* - Remove an empty url (a typo)sat2006-10-071-1/+0
* - Document User-Agent XSS Vulnerability in torrentfluxsat2006-10-071-0/+27
* - Document buffer overrun in repr() for unicode strings in pythonsat2006-10-071-0/+40
* devel/cscope was fixed in version 15.6erwin2006-10-071-1/+2
* - Document _ecalloc Integer Overflow Vulnerability in php5sat2006-10-061-0/+35
* - Update an old mambo advisory and document its new vulnerabilitiessat2006-10-061-1/+57
* - Add linux-curl to a curl advisory and tweak versions a bitsat2006-10-061-1/+3
* - Add ja-lynx* to a lynx advisorysat2006-10-061-1/+2
* - chinese/tin was also vulnerablesat2006-10-061-0/+1
* - Document buffer overflow vulnerabilities in tinsat2006-10-061-0/+31
* - Use >0 for unpatched vulnerabilitiessat2006-10-051-5/+6
* - Document slapd acl selfwrite Security Issue in openldapsat2006-10-051-0/+35
* - Document "System.CodeDom.Compiler" Insecure Temporary Creation in monosat2006-10-051-0/+38
* - Document open_basedir Race Condition Vulnerability in phpsat2006-10-051-0/+63
* - Document NULL byte injection vulnerability in phpbbsat2006-10-051-0/+39
* - Add references and use earlier discovery date in fffa9257-3c17-11db-86ab-00...sat2006-10-041-1/+5
* - Add CVE names to 19b17ab4-51e0-11db-a5ae-00508d6a62dfsat2006-10-031-0/+3
* - Document admin section SQL injection in postnukesat2006-10-031-0/+31
* - Document LWFN Files Buffer Overflow Vulnerability in freetypesat2006-10-021-0/+39
* - Document Buffer Overflow Vulnerabilities in cscopesat2006-10-021-0/+41