aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
Commit message (Expand)AuthorAgeFilesLines
* Document opera -- JPEG processing integer overflow vulnerability.simon2006-06-231-0/+34
* Update the webcalendar entry, use alphabetic sorting, no functionalremko2006-06-171-1/+2
* Add an entry for Horde's latest XSS vulnerabilities.thierry2006-06-171-0/+39
* Add webcalendar -- information disclosure vulnerability.simon2006-06-171-0/+40
* Add FreeBSD-SA-06:17.sendmail to the VuXML database.remko2006-06-151-0/+39
* Bump modification date in the last entry and earn my own pointyhat.remko2006-06-121-0/+1
* Fix the latest entry by using the entity for &, this passes make validate.remko2006-06-121-3/+3
* - Added multiple dokuwiki vulnerabilitiesaaron2006-06-121-0/+30
* Add an entry for libxine -- buffer overflow vulnerability.nobutaka2006-06-111-0/+33
* Document FreeBSD-SA-06:15.ypserv and FreeBSD-SA-06:16.smbfs.remko2006-06-091-12/+111
* Document two freeradius issues, one newer and one older issue:remko2006-06-091-0/+71
* Mark graphics/fractorama 1.6.7_1 "clean". This port now links against libtiffehaupt2006-06-081-5/+21
* The awstats port has PORTEPOCH bumped, so update the vuxml entry awstatssimon2006-06-081-1/+2
* Mumble, back out local changes which should not have been committed.simon2006-06-061-6/+0
* Mark squirrelmail-1.4.6_1 as fixed for squirrelmail -- plugin.phpsimon2006-06-062-1/+8
* Document squirrelmail -- plugin.php local file inclusion vulnerability.simon2006-06-061-0/+31
* Document dokuwiki -- spellchecker remote PHP code execution.simon2006-06-061-0/+35
* Document drupal -- multiple vulnerabilities.simon2006-06-061-0/+39
* - Add last two MySQL vulnerabilitiesmnag2006-06-021-0/+94
* Document frontpage -- cross site scripting vulnerability and pointsimon2006-05-241-0/+48
* cscope -- buffer overflow vulnerabilitiesmnag2006-05-231-0/+32
* coppermine -- Multiple File Extensions Vulnerabilitymnag2006-05-221-0/+110
* phpmyadmin -- XSRF vulnerabilitiesmnag2006-05-211-0/+30
* - Normalize the topic of last entrypav2006-05-191-1/+1
* - Add VuXML entry for vnc 4.1.1pav2006-05-191-0/+28
* - Add vulnerabilities in last topic.mnag2006-05-141-1/+1
* phpldapadmin -- Cross-Site Scripting and Script Insertionmnag2006-05-141-0/+40
* Modify the entry for p5-DBI insecure temporary files creation to reflecttobez2006-05-121-2/+7
* Add www/fswiki vulnerability.kuriyama2006-05-061-0/+25
* - Add missing s in latest awstats entry's title.simon2006-05-061-1/+36
* - Cancel last rsync entry. Does not affect FreeBSD port.mnag2006-05-061-32/+1
* Document awstat -- arbitrary command execution vulnerability.simon2006-05-061-1/+44
* phpwebftp -- "language" Local File Inclusionmnag2006-05-041-0/+34
* Document firefox -- denial of service vulnerabilityvd2006-05-031-0/+38
* trac -- Wiki Macro Script Insertion Vulnerabilitymnag2006-05-031-0/+34
* rsync -- "xattrs.diff" Patch Integer Overflow Vulnerabilitymnag2006-05-031-0/+35
* clamav -- Freshclam HTTP Header Buffer Overflow Vulnerabilitymnag2006-05-031-0/+40
* - Add last jabberd entry:mnag2006-05-011-0/+33
* Also mark linux-seamonkey vulnerable to recent mozillasimon2006-04-271-1/+2
* cacti -- ADOdb "server.php" Insecure Test Script Security Issuemnag2006-04-271-0/+30
* amaya -- Attribute Value Buffer Overflow Vulnerabilitiesmnag2006-04-271-0/+35
* lifetype -- ADOdb "server.php" Insecure Test Script Security Issuemnag2006-04-271-2/+33
* ethereal -- Multiple Protocol Dissector Vulnerabilitiesmnag2006-04-271-0/+47
* My 100th commit to the vuln.xml file:remko2006-04-261-0/+29
* Change paraview checks to be < 2.4.3 now that paraview uses system libtiff.anholt2006-04-261-5/+20
* Document zgv, xzgv -- heap overflow vulnerability.remko2006-04-241-0/+39
* Document crossfire-server -- denial of service and remote code executionremko2006-04-231-0/+34
* Document p5-DBI -- insecure temporary file creation vulnerability.remko2006-04-231-0/+32
* Document wordpress -- full path disclosure.remko2006-04-231-0/+30
* Document xine -- multiple remote string vulnerabilities.remko2006-04-231-0/+33
* Add an entry for cyrus-sasl -- DIGEST-MD5 Pre-Authenticationume2006-04-221-0/+25
* Also mark all other versions of FreeBSD (That were released) asremko2006-04-201-0/+2
* Add FreeBSD -- FPU information disclosure (SA-06:14) to theremko2006-04-201-0/+50
* Add some CERT references to latest Mozilla entry.simon2006-04-191-0/+13
* plone -- "member_id" Parameter Portrait Manipulation Vulnerabilitymnag2006-04-181-0/+31
* Fix copy/paste error in last commit and mark linux-mozilla < 1.7.13 assimon2006-04-171-1/+1
* Document mozilla/firefox/thunderbirds's latest attempt at Internetsimon2006-04-171-0/+118
* Update entry for sysutils/heartbeat. The insecure temporary file creationehaupt2006-04-161-1/+2
* mailman -- Private Archive Script Cross-Site Scriptingmnag2006-04-161-0/+35
* Document f2c -- insecure temporary files.remko2006-04-111-0/+29
* mplayer -- Multiple integer overflowsmnag2006-04-081-0/+38
* - Add Secunia references for last phpMyAdmin issue.mnag2006-04-071-0/+2
* Document kaffeine -- buffer overflow vulnerability.remko2006-04-071-0/+30
* Document thunderbird -- javascript execution.remko2006-04-071-0/+29
* Update the latest zoo entry to match the latest update to the port.remko2006-04-071-1/+2
* phpmyadmin -- XSS vulnerabilitiesmnag2006-04-071-0/+58
* clamav -- Multiple Vulnerabilitiesmnag2006-04-061-0/+43
* Add cvename to the recent OpenVPN entry.remko2006-04-061-0/+2
* Document mediawiki -- hardcoded placeholder string security bypassremko2006-04-061-0/+30
* Document netpbm -- buffer overflow in pnmtopng.remko2006-04-061-0/+31
* Document zoo -- stack based buffer overflow.remko2006-04-061-0/+30
* Document mediawiki -- cross site scripting vulnerability.remko2006-04-061-0/+30
* dia -- XFig Import Plugin Buffer Overflowmnag2006-04-061-0/+34
* openvpn -- LD_PRELOAD code execution on client through malicious or compromis...mnag2006-04-051-0/+35
* samba -- Exposure of machine account credentials in winbind log filesmnag2006-04-051-0/+44
* Upgrade pubcookie from 3.3.0-beta2 to 3.3.0a fixing serious XSSbrooks2006-04-051-0/+93
* Fill in the version numbers for the vidsedwin2006-04-011-2/+2
* For horde -- remote code execution vulnerability in the help viewersimon2006-03-301-4/+8
* freeradius -- EAP-MSCHAPv2 Authentication Bypassmnag2006-03-301-0/+32
* Add an entry about Horde's remote code execution vulnerability in thethierry2006-03-291-0/+31
* linux-realplayer -- buffer overrunmnag2006-03-281-0/+69
* s/8 spaces/tab/ in the sendmail entry.remko2006-03-251-1/+1
* Record that our sendmail port was also vulnerable.remko2006-03-251-0/+5
* Update the 'Evolution - remote format string vulnerabilities' entry.remko2006-03-241-1/+2
* Document the latest three FreeBSD Security Advisories:remko2006-03-241-0/+127
* xorg-server -- privilege escalationlesi2006-03-221-0/+30
* - heimdal -- Multiple vulnerabilitiesmnag2006-03-201-0/+44
* Document ftp/curl's TFTP packet buffer overflow vulnerabilityvd2006-03-201-0/+35
* Add drupal <= 4.6.5 vulns.brooks2006-03-181-0/+52
* Add an entry for Horde < 3.1 (SA19246).thierry2006-03-161-0/+38
* Document linux-flashplugin -- arbitrary code execution vulnerability.simon2006-03-151-0/+39
* Document nfs -- remote denial of service (FreeBSD: SA-06:10)remko2006-03-131-0/+51
* Add OpenSSH Remote Denial of Service (FreeBSD SA-06:09.openssh) to theremko2006-03-131-0/+71
* Correct the gpg entry wrt. style.remko2006-03-111-34/+34
* Update to 1.4.2.2.kuriyama2006-03-101-0/+34
* Document multimedia/mplayer's heap overflow in the ASF demuxervd2006-03-091-0/+35
* Add the ssh2-nox11 slave port to the list of ports affected bymarius2006-03-061-0/+2
* Document a SSH.COM SFTP server format string vulnerability affectingmarius2006-03-051-0/+33
* Document GNU tar invalid headers buffer overflow.naddy2006-03-041-0/+27
* Remove the pinentry entry. It was gentoo specific and I overlookedremko2006-02-281-33/+0
* Document Bugzilla [2.*, 2.20.1) vulnerabilities.skv2006-02-271-0/+25
* Document squirrelmail (< 1.4.6) vulnerabilities:delphij2006-02-251-0/+25
* Remove the latest squid entry, it already existed.remko2006-02-211-28/+0
* Document gedit -- format string vulnerability.remko2006-02-211-0/+28
* Add koffice to the RTF import issue.remko2006-02-201-1/+7
* Documenet WebCalendar -- unauthorized access vulnerability.remko2006-02-201-0/+27
* Document abiword -- stack based buffer overflow vulnerabilities.remko2006-02-201-0/+30
* Document pinentry -- local privilege escalation.remko2006-02-201-1/+34
* Document squid -- dns lookup spoofing.remko2006-02-201-0/+28
* Document postgresql81-server -- SET ROLE privilege escalation.simon2006-02-181-0/+30
* Document gnupg -- false positive signature verification.simon2006-02-171-0/+39
* Document rssh -- privilege escalation vulnerability.remko2006-02-161-0/+33
* Document tor -- malicious tor server can locate a hidden service.remko2006-02-161-0/+29
* Document sudo -- arbitrary command execution.remko2006-02-161-0/+36
* Document libtomcrypt -- weak signature scheme with ECC keys.remko2006-02-161-0/+25
* Document mantis -- "view_filters_page.php" cross site scripting vulnerability.remko2006-02-161-0/+33
* Document phpbb -- multiple vulnerabilities.remko2006-02-161-0/+43
* Document postgresql -- character conversion and tsearch2 vulnerabilities.remko2006-02-161-0/+46
* Document heartbeat -- insecure temporary file creation vulnerability.remko2006-02-161-0/+28
* Document kpdf -- heap based buffer overflowremko2006-02-151-0/+29
* Document perl, webmin, usermin -- perl format string integer wrap vulnerabilityremko2006-02-151-0/+46
* Document phpicalendar -- cross site scripting vulnerability andremko2006-02-151-0/+54
* Document FreeBSD -- Infinite loop in SACK handling (FreeBSD SA 06.08)remko2006-02-141-0/+36
* Document pf -- IP fragment handling panic, FreeBSD SA 06.07remko2006-02-141-0/+41
* Document FreeBSD -- Local kernel memory disclosureremko2006-02-141-0/+38
* Document IEEE 802.11 -- buffer overflow (FreeBSD SA 06.05).remko2006-02-141-0/+35
* Add FreeBSD SA 06.04.ipfw to the vuln.xml list.remko2006-02-141-0/+36
* Mark ivtools 1.2.3 as fixed for jpeg vulnerabilities. Note that thissimon2006-02-081-10/+25
* Document kpopup -- local root exploit and local denial of service.simon2006-02-081-0/+41
* Oops. Forgot to modify the discovery date.remko2006-01-281-1/+2
* Add 4 FreeBSD advisories to the VuXML database.remko2006-01-271-0/+188
* SHA256ifyedwin2006-01-241-2/+9
* Document local root exploit in SGE.brooks2006-01-241-0/+28
* Document "fetchmail -- crash when bouncing a message" DOS vulnerability.barner2006-01-231-0/+32
* - Update description and references for "clamav -- possible heapsimon2006-01-151-4/+16
* Add an entry for clamav/clamav-develehaupt2006-01-101-0/+30
* Document milter-bogom -- headerless message crash.simon2006-01-101-0/+29
* Mark latest bnc version as fixed wrt. to "fd_set -- bitmap indexsimon2006-01-101-2/+6
* Document two bogofilter vulnerabilities.simon2006-01-071-0/+69
* Add an entry for rxvt-unicode < 6.3: root privileges were not restoredthierry2006-01-051-0/+30
* `ru-apache' and `ru-apache+mod_ssl' was patchet against CAN-2005-3352lev2006-01-041-1/+8
* Correct a little typo.remko2006-01-031-2/+2
* Document apache -- mod_imap cross-site scripting flaw.remko2006-01-021-1/+68
* Fix the affected versions of 9b4facec-6761-11da-99f6-00123ffe8333.hrs2006-01-011-1/+2
* Add missing "</package>" tag from rev. 1.917, which caused the file tosimon2005-12-261-4/+5
* russian/apache13 and russian/apache13-modssl were updated and new version d...lev2005-12-231-3/+8
* Bump modification date for entries touched by last commit.simon2005-12-231-1/+2
* Update the phpSysInfo entries, PR ports/90849 will solve the documentedremko2005-12-231-2/+2
* Fix another typo in my nbd entry.remko2005-12-231-1/+2
* Correct a typo.remko2005-12-231-1/+1
* Update the affected range.remko2005-12-231-1/+1
* :remko2005-12-231-0/+25
* - Register scponly-4.1 vulnerabilitiesgarga2005-12-231-0/+48
* Correct the recent horde entries as per the FDPremko2005-12-221-30/+40
* Document fetchmail vulnerability:barner2005-12-191-0/+36
* Document the following mantis vulnerabilities:remko2005-12-151-0/+64
* - Add entries for several XSS vulnerabilities in Horde, Kronolith, Nagthierry2005-12-121-2/+148
* Add curl -- URL buffer overflow vulnerabilitymnag2005-12-091-0/+46
* Add phpmyadmin -- register_globals emulation "import_blacklist" manipulationmnag2005-12-081-0/+67
* Add ffmpeg -- libavcodec buffer overflow vulnerabilitymnag2005-12-071-0/+39
* Add trac -- search module SQL injection vulnerabilitymnag2005-12-071-0/+32
* Add drupal -- multiple vulnerabilitiesmnag2005-12-021-0/+56
* Document opera -- multiple vulnerabilities.simon2005-12-011-0/+50
* Document opera -- command line URL shell command injection.simon2005-12-011-0/+40
* Add entry to www/mambomnag2005-11-301-0/+35
* Backup rev 1.9 which should not have been committed since it was just mysimon2005-11-291-2/+2
* Mark flyspar 0.9.8 as fixed wrt. "flyspray -- cross-site scriptingsimon2005-11-292-3/+5
* Change topic zope28 to zope (www/zope affected too)mnag2005-11-281-5/+6
* Security fix: several shell scripts included in the Ghostscript packagehrs2005-11-281-0/+40
* Standarize the horde -- Cross site scripting vulnerabilities in MIMEremko2005-11-261-10/+16
* Add an entry for cross site scripting vulnerabilities in Horde's MIMEthierry2005-11-231-0/+34
* phpmyadmin -- HTTP Response Splitting vulnerabilitymnag2005-11-161-0/+32
* Add CVE name to an old sudo entry.simon2005-11-151-0/+2
* Update latest phpSysInfo entry to reflect that 2.4 was in fact not fixedsimon2005-11-141-1/+2
* - Micromedia -> Macromediasem2005-11-141-6/+6
* - Document phpSysInfo vulnerabilitysem2005-11-141-0/+34
* - Document flashplugin vulnerabilitysem2005-11-141-0/+43
* - Document p5-Mail-SpamAssassin vulnerabily (alread fixed in ports)sem2005-11-101-0/+66
* Update the recent gallery2 and webcalendar entries:remko2005-11-091-5/+14
* Document qpopper -- multiple privilege escalation vulnerabilities.remko2005-11-081-0/+32
* - Add missed </p> tag [1]sem2005-11-071-2/+3
* Add a bit more info from the PEAR advisory about the vulnerability tosimon2005-11-051-0/+4
* The two latest OpenVPN vulnerabilities were both only for 2.0 andsimon2005-11-051-2/+4
* Add an entry for pear-PEAR arbitrary code execution vulnerability.thierry2005-11-051-0/+28
* Correct skype entry to match the correct fixed port version number.simon2005-11-021-1/+2
* Document two OpenVPN vulnerabilities.simon2005-11-021-0/+67
* As Peter Jeremy points out, the recent lynx vulnerability also concernsnaddy2005-11-021-0/+5
* - Document skype vulnerabilitiessem2005-11-011-2/+75
* - Document CVE-2005-3258:sem2005-11-011-0/+32
* - Document a BASE Basic Analysis and Security Engine vulnerabilitysem2005-11-011-0/+29
* Back out the accidentally committed white-space modification parts ofsimon2005-11-011-8900/+12898
* Add entry for "fetchmail -- fetchmailconf local password exposure",barner2005-10-311-0/+31
* Document lynx remote buffer overflow in NNTP header handling.naddy2005-10-311-12960/+8995
* - Fix a ruby vulnerabuility in the safe level settings.sem2005-10-281-0/+36
* Add more references to entry net-snmp -- remote DoS vulnerability.simon2005-10-271-0/+3
* - Mark linux-firefox 1.0.7 as fixedsimon2005-10-261-5/+6
* Add misc/compat5x to "openssl -- potential SSL 2.0 rollback".lesi2005-10-261-1/+8
* Also mark xli as vulnerable to xloadimage -- buffer overflows in NIFFsimon2005-10-241-0/+5
* For entry libgadu -- multiple vulnerabilities:simon2005-10-241-2/+3
* For entry zope28 -- expose RestructuredText functionality to untrustedsimon2005-10-231-3/+5
* Add another reference to clamav -- arbitrary code execution and DoSsimon2005-10-221-0/+2
* Document x11/xloadimage buffer overflows in NIFF image title handling.naddy2005-10-201-0/+39
* Rename all CAN-yyyy-nnnn to CVE-yyyy-nnnn, with the exception of textnectar2005-10-201-688/+688
* For entry: snort -- Back Orifice preprocessor buffer overflow vulnerability:simon2005-10-191-1/+2
* - Document snort -- Back Orifice preprocessor buffer overflow vulnerability.simon2005-10-191-2/+50
* - Document www/webcalendar vulnerability.sem2005-10-151-0/+23
* - Document www/gallery2 vulnerability.sem2005-10-151-0/+35
* Improve last couple of entries:simon2005-10-131-13/+17
* Add entry for opensslmnag2005-10-121-3/+57
* Add entry for phpmyadmin (PMASA-2005-4)mnag2005-10-121-0/+29
* Fix typo with range valuesmnag2005-10-121-1/+1
* Add entry from zope28mnag2005-10-121-0/+30
* For libxine -- format string vulnerability entry:simon2005-10-101-5/+6
* Add an entry for libxine format string vulnerability.nobutaka2005-10-101-0/+31
* Mark older revisions linux_base-suse 9.3 as vulnerable to kdebase --simon2005-10-091-0/+5
* - Mark cfengine's arbitrary file overwriting vulnerability as fixed in 2.1.6_1sergei2005-10-071-0/+6
* Add an entry for UW-IMAP Mailbox Name Handling Remote Buffer Overflowthierry2005-10-061-0/+35
* Add credit for recent ftp/weex incidentehaupt2005-10-051-1/+1
* rinetd >= 0.62_1 has no more vulnerabilitiesgarga2005-10-041-2/+5
* Add references to three squid entries.remko2005-10-031-5/+15
* Use the <freebsdpr> tag to markup a PR in weex -- remote format stringsimon2005-10-031-1/+1
* Document a format string vulnerability in ftp/weex.jylefort2005-10-031-0/+30
* Document picasm -- buffer overflow vulnerability.simon2005-10-021-0/+33
* Add an URL to the entry of the japanese/uim.nobutaka2005-10-021-1/+1
* Document japanese/uim privilege escalation vulnerability.nobutaka2005-10-021-0/+31
* Document cfengine -- arbitrary file overwriting vulnerability.simon2005-10-011-0/+32
* Mark zsync <= 0.4.1 vulnerable to the zlib buffer overflow vulnerability.remko2005-10-011-0/+5
* Add more references to unace -- multiple vulnerabilities entry.simon2005-10-011-0/+3
* Add CVE name to an older ProZilla entry.simon2005-10-011-0/+2
* Add more references for latest phpmyfaq entry.simon2005-09-301-0/+9
* - Add a note that new entries, per convention, should be added to thesimon2005-09-301-5/+11
* Document vulnerabilities in www/phpmyfaqvsevolod2005-09-291-0/+25
* Add linux_base-suse-9.3 to the zlib entry.remko2005-09-241-0/+5
* Document clamav -- arbitrary code execution and DoS vulnerabilities.simon2005-09-241-0/+39
* - Be consistent and call entries "firefox & mozilla", not the other waysimon2005-09-241-2/+12
* - Document mozilla & firefox -- multiple vulnerabilities.simon2005-09-241-0/+147
* Add real references to urban -- stack overflow vulnerabilities.simon2005-09-221-5/+3
* Document mozilla & firefox -- command line URL shell command injection.simon2005-09-221-0/+87
* Add CVE name for tor -- diffie-hellman handshake flaw.simon2005-09-221-0/+2
* Correct package name for entry bind -- buffer overrun vulnerability.simon2005-09-221-1/+2
* Add CVE name to an older CUPS issue.simon2005-09-221-0/+2
* Fix the htdig entry, the port version and the VuXML version did notremko2005-09-201-1/+1
* Fix the squirrelmail entry since only versions prior to 1.4.5 wereremko2005-09-201-1/+2
* Document the following items:remko2005-09-181-0/+60
* - Add an entry on possible DOS condition regarding NTLM in squidpav2005-09-161-0/+28
* Document X11 server -- pixmap allocation vulnerability.lesi2005-09-151-0/+33
* Document unzip -- permission race vulnerability. [1]remko2005-09-141-1/+35
* Document firefox & mozilla -- buffer overflow vulnerability.simon2005-09-111-0/+97
* Mark the latest version of cups-base fixed for "xpdf -- disk fill DoSlawrance2005-09-071-2/+2
* Add forgotten </package> line.remko2005-09-041-0/+1