Differences

This shows you the differences between two versions of the page.

Link to this comparison view

mailing-lists:distros:stats [2019/07/25 14:02]
kristianf
mailing-lists:distros:stats [2019/07/26 03:27] (current)
kristianf
Line 9: Line 9:
 |Average embargo time (oss-security)|6.37|14.16|5.03|6.39|5.84|5.14|6.70|6.02|9.64|2.99|6.60|7.60|7.30|5.13|5.38|4.36|5.53|8.62|5.06|6.76|8.20|4.80|7.15|5.36|6.69|5.81| |Average embargo time (oss-security)|6.37|14.16|5.03|6.39|5.84|5.14|6.70|6.02|9.64|2.99|6.60|7.60|7.30|5.13|5.38|4.36|5.53|8.62|5.06|6.76|8.20|4.80|7.15|5.36|6.69|5.81|
 ===== Data ===== ===== Data =====
-^All^2017-06^2017-07^2017-08^2017-10^2017-11^2018-01^2018-03^2018-04^ +^Project^Subject^Reported (UTC)^Public (UTC)^oss-security posting^Time of oss-security posting (UTC)^CVE(s)^Days embargoed (first public)^Days embargoed (oss-security)^ 
-|144|1|3|6|5|7|8|6|10| +|Spice|[vs] spice|2017-06-30 03:50:00|2017-07-11 00:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​07/​14/​1|2017-07-14 07:​38:​00|CVE-2017-7506 |10.84|14.16| 
-|6.18|10.84|4.69|6.39|4.90|6.70|7.28|6.52|7.40| +|Jenkins|[vs] CVE ID assignment request from the Jenkins project|2017-07-07 13:​13:​00|2017-07-10 15:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​07/​11/​9|2017-07-11 11:​52:​00|CVE-2017-1000084\\ CVE-2017-1000085\\ CVE-2017-1000086\\ CVE-2017-1000087\\ CVE-2017-1000088\\ CVE-2017-1000089\\ CVE-2017-1000090\\ CVE-2017-1000091\\ CVE-2017-1000092\\ CVE-2017-1000093\\ CVE-2017-1000094\\ CVE-2017-1000095\\ CVE-2017-1000096|3.07|3.94| 
-|6.37|14.16|5.03|6.39|5.14|6.70|9.64|6.60|7.60|+|Evince|[vs] evince: Command injection vulnerability in CBT handler|2017-07-10 13:​57:​00|2017-07-13 12:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​07/​13/​5|2017-07-13 15:​43:​00|CVE-2017-1000083|2.92|3.07| 
 +|Linux Kernel|[vs-plain] linux kernel: CVE-2017-7533|2017-07-26 12:18:00|2017-08-03 14:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​03/​2|2017-08-03 14:​00:​00|CVE-2017-7533|8.07|8.07| 
 +|Curl|[vs-plain] curl: URL globbing out of bounds read (1/​3)|2017-08-01 ​10:02:00|2017-08-09 06:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​09/​1|2017-08-09 06:​00:​00|CVE-2017-1000101|7.83|7.83| 
 +|Curl|[vs-plain] curl: TFTP sends more than buffer size (2/​3)|2017-08-01 10:​02:​00|2017-08-09 06:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​09/​2|2017-08-09 06:​00:​00|CVE-2017-1000100|7.83|7.83| 
 +|Curl|[vs-plain] curl: FILE buffer read out of bounds|2017-08-01 10:​02:​00|2017-08-09 06:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​09/​3|2017-08-09 06:​00:​00|CVE-2017-1000099|7.83|7.83| 
 +|Linux Kernel|[vs-plain] Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch|2017-08-04 15:​59:​00|2017-08-10 20:​55:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​10/​5|2017-08-10 20:​55:​00|CVE-2017-1000112|6.21|6.21| 
 +|Linux Kernel|[vs-plain] Linux kernel: heap out-of-bounds in AF_PACKET sockets|2017-08-04 16:​48:​00|2017-08-10 13:​25:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​10/​7|2017-08-10 13:​25:​00|CVE-2017-1000111|5.86|5.86| 
 +|GNOME|[vs] CVE-2017-2885 libsoup - stack based buffer overflow with HTTP Chunked Encoding|2017-08-07 17:​54:​00|2017-08-10 12:​41:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​08/​10/​1|2017-08-10 12:​53:​00|CVE-2017-2885 |2.78|2.79| 
 +|file|[vs] file: stack based buffer overflow|2017-09-01 09:​30:​00|2017-09-05 16:​24:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​05/​3|2017-09-05 16:​24:​00|CVE-2017-1000249|4.29|4.29| 
 +|BlueZ|[vs-plain] Info Leak vulnerability in BlueZ|2017-09-05 20:​29:​00|2017-09-13 21:​08:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​13/​4|2017-09-13 21:​08:​00|CVE-2017-1000250\\ CVE-2017-1000251|8.03|8.03| 
 +|tcpdump|[vs-plain] Re: tcpdump 4.9.2 and NixOS|2017-09-06 13:​08:​00|2017-09-07 14:​06:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​07/​8|2017-09-07 14:​06:​00|CVE-2017-11543\\ CVE-2017-13011\\ CVE-2017-12989\\ CVE-2017-12990\\ CVE-2017-12995\\ CVE-2017-12997\\ CVE-2017-11541\\ CVE-2017-11542\\ CVE-2017-12893\\ CVE-2017-12894\\ CVE-2017-12895\\ CVE-2017-12896\\ CVE-2017-12898\\ CVE-2017-12897\\ CVE-2017-12899\\ CVE-2017-12900\\ CVE-2017-12901\\ CVE-2017-12902\\ CVE-2017-12985\\ CVE-2017-12986\\ CVE-2017-12987\\ CVE-2017-12988\\ CVE-2017-12991\\ CVE-2017-12992\\ CVE-2017-12993\\ CVE-2017-11542\\ CVE-2017-11541\\ CVE-2017-12994\\ CVE-2017-12996\\ CVE-2017-12998\\ CVE-2017-12999\\ CVE-2017-13000\\ CVE-2017-13001\\ CVE-2017-13002\\ CVE-2017-13003\\ CVE-2017-13004\\ CVE-2017-13005\\ CVE-2017-13006\\ CVE-2017-13007\\ CVE-2017-13008\\ CVE-2017-13009\\ CVE-2017-13010\\ CVE-2017-13012\\ CVE-2017-13013\\ CVE-2017-13014\\ CVE-2017-13015\\ CVE-2017-11543\\ CVE-2017-13016\\ CVE-2017-13017\\ CVE-2017-13018\\ CVE-2017-13019\\ CVE-2017-13020\\ CVE-2017-13021\\ CVE-2017-13022\\ CVE-2017-13023\\ CVE-2017-13024\\ CVE-2017-13025\\ CVE-2017-13026\\ CVE-2017-13027\\ CVE-2017-13028\\ CVE-2017-13029\\ CVE-2017-13030\\ CVE-2017-13031\\ CVE-2017-13032\\ CVE-2017-13033\\ CVE-2017-13034\\ CVE-2017-13035\\ CVE-2017-13036\\ CVE-2017-13037\\ CVE-2017-13038\\ CVE-2017-13039\\ CVE-2017-13040\\ CVE-2017-13041\\ CVE-2017-13042\\ CVE-2017-13043\\ CVE-2017-13044\\ CVE-2017-13045\\ CVE-2017-13046\\ CVE-2017-13047\\ CVE-2017-13048\\ CVE-2017-13049\\ CVE-2017-13050\\ CVE-2017-13051\\ CVE-2017-13052\\ CVE-2017-13053\\ CVE-2017-13054\\ CVE-2017-13055\\ CVE-2017-13687\\ CVE-2017-13688\\ CVE-2017-13689\\ CVE-2017-13690\\ CVE-2017-13725|1.04|1.04| 
 +|Linux Kernel|[vs] KVM denial of service|2017-09-08 ​11:​21:​00|2017-09-15 16:​36:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​15/​4|2017-09-15 16:​36:​00|CVE-2017-1000252|7.22|7.22| 
 +|apache|vs] OPTIONSbleed bug in apache httpd|2017-09-11 10:​17:​00|2017-09-18 13:​18:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​18/​2|2017-09-18 13:​18:​00|CVE-2017-9798|7.13|7.13| 
 +|Linux Kernel|[vs] Qualys Security Advisory (CVE-2017-1000253)|2017-09-20 09:​28:​00|2017-09-26 15:​08:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​26/​16|2017-09-26 15:​08:​00|CVE-2017-1000253|6.24|6.24| 
 +|Linux Kernel|[vs-plain] Bluetooth RCE in Linux Kernel - follow up|2017-09-24 19:​20:​00|2017-09-27 17:​39:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​09/​27/​10|2017-09-27 17:​39:​00|CVE-2017-1000251|2.93|2.93| 
 +|DNSMasq|[vs] DNSMasq Security vulnerabilities,​ public release October 2nd|2017-09-25 20:​59:​00|2017-10-02 13:​22:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​02/​5|2017-10-02 15:​47:​00|CVE-2017-14491\\ CVE-2017-14492\\ CVE-2017-14493\\ CVE-2017-14494\\ CVE-2017-14495\\ CVE-2017-14496|6.68|6.78| 
 +|Curl|[vs-plain] curl: FTP PWD response parser out of bounds read|2017-09-25 08:​26:​00|2017-10-04 06:​06:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​04/​1|2017-10-04 06:​06:​00|CVE-2017-1000254|8.90|8.90| 
 +|Linux Kernel|[vs] CVE Request for powerpc kernel bug|2017-10-03 00:​49:​00|2017-10-09|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​10/​3|2017-10-10 04:​00:​00|CVE-2017-1000255|5.97|7.13| 
 +|wpa_supplicant|[vs] VU#228519 and wpa_supplicant/​hostapd|2017-10-10 08:​08:​00|2017-10-16 09:​08:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​16/​2|2017-10-16 09:​08:​00|CVE-2017-13077\\ CVE-2017-13078\\ CVE-2017-13079\\ CVE-2017-13080\\ CVE-2017-13081\\ CVE-2017-13082\\ CVE-2017-13084\\ CVE-2017-13086\\ CVE-2017-13087\\ CVE-2017-13088|6.04|6.04| 
 +|Linux Kernel|[vs-plain] CVE-2017-5123 Linux kernel waitid() not calling access_ok()|2017-10-09 19:​06:​00|2017-10-12 19:​16:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​12/​18|2017-10-12 20:​02:​00|CVE-2017-5123|3.01|3.04| 
 +|Curl|[vs-plain] curl: IMAP FETCH response out of bounds read|2017-10-17 11:​54:​00|2017-10-23 06:​07:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​23/​1|2017-10-23 06:​07:​00|CVE-2017-1000257|5.76|5.76| 
 +|Wget|[vs] [FICORA #1010111] Vulnerability report|2017-10-23 14:​50:​00|2017-10-27 08:​21:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​10/​27/​1|2017-10-27 08:​21:​00|CVE-2017-13089\\ CVE-2017-13090|3.73|3.73| 
 +|PowerDNS|[vs] PowerDNS prenotification|2017-11-20 14:​01:​00|2017-11-27 16:​32:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​11/​27/​1|2017-11-27 16:​32:​00|CVE-2017-15090\\ CVE-2017-15091\\ CVE-2017-15092\\ CVE-2017-15093\\ CVE-2017-15094|7.10|7.10| 
 +|Curl|[vs-plain] (2/2) curl: FTP wildcard out of bounds read|2017-11-21 08:​16:​00|2017-11-29 09:​34:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​11/​29/​3|2017-11-29 09:​34:​00|CVE-2017-8817|8.05|8.05| 
 +|Curl|[vs-plain] curl: NTLM buffer overflow via integer overflow|2017-11-21 08:​15:​00|2017-11-29 09:​34:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​11/​29/​2|2017-11-29 09:​34:​00|CVE-2017-8816 |8.05|8.05| 
 +|Linux Kernel|[vs-plain] Security Bug - transparent huge pages dirty bit|2017-11-22 18:​50:​00|2017-11-30 00:​32:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​11/​30/​1|2017-11-30 00:​32:​00|CVE-2017-1000405|7.24|7.24| 
 +|Curl|[vs-plain] curl: SSL out of buffer access|2017-11-24 09:​19:​00|2017-11-29 09:​34:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​11/​29/​4|2017-11-29 09:​34:​00|CVE-2017-8818|5.01|5.01| 
 +|OpenStack|[vs-plain] [pre-OSSA] Vulnerability in OpenStack Nova (CVE-2017-17051)|2017-11-30 12:​35:​00|2017-12-05 16:​50:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​05/​5|2017-12-05 16:​50:​00|CVE-2017-17051|5.18|5.18| 
 +|Linux Kernel|[vs-plain] Info Leak in the Linux Kernel via Bluetooth|2017-11-30 09:​44:​00|2017-12-06 16:​23:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​06/​3|2017-12-06 16:​23:​00||6.28|6.28| 
 +|Linux Kernel|[vs-plain] Security bug in DCCP socket|2017-12-01 11:​08:​00|2017-12-04 20:​27:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​05/​1|2017-12-05 00:​11:​00|CVE-2017-8824|3.39|3.54| 
 +|PowerDNS|[vs] PowerDNS prenotification|2017-12-04 14:​43:​00|2017-12-11 12:​34:​31|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​11/​1|2017-12-11 12:​34:​31|CVE-2017-15120|6.91|6.91| 
 +|glibc|[vs] Qualys Security Advisory|2017-12-05 14:​59:​00|2017-12-11 19:​14:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​11/​4|2017-12-11 19:​14:​00|CVE-2017-1000408\\ CVE-2017-1000409|6.18|6.18| 
 +|iscsi-initiator-utils|[vs] Bug report|2017-12-11 16:​21:​00|2017-12-13 19:​21:​00|http://​www.openwall.com/​lists/​oss-security/​2017/​12/​13/​2|2017-12-13 19:​21:​00||2.13|2.13| 
 +|glibc|[vs] GNU libc issue (--throw-keyids)|2017-12-31 13:46:00|2018-01-11 21:​34:​44|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​11/​5|2018-01-11 21:​34:​44|CVE-2018-1000001|11.33|11.33| 
 +|dovecot|[vs] CVE-2017-15132:​ dovecot: auth client leaks memory if SASL authentication is aborted.|2018-01-11 10:​51:​00|2018-01-25 09:​35:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​25/​4|2018-01-25 09:​35:​00|CVE-2017-15132|13.95|13.95| 
 +|Linux Kernel|[vs-plain] sound driver Conditional competition|2018-01-12 01:​19:​00|2018-01-16 14:​21:​19|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​16/​1|2018-01-16 14:​21:​19||4.54|4.54| 
 +|PowerDNS,​knots|[vs] bug in DNS resolvers - DNSSEC validation|2018-01-15 15:​29:​00|2018-01-22 00:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​02/​09/​1|2018-02-09 00:​43:​00|CVE-2018-1000002\\ CVE-2018-1000003|6.35|24.38| 
 +|Bind|Packager Notification for CVE-2017-3145 [vs]|2018-01-15 20:​58:​00|2018-01-16 14:​25:​46|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​16/​7|2018-01-16 14:​25:​46|CVE-2017-3145|0.73|0.73| 
 +|DHCP|[vs-plain] CVE-2017-3144:​ ISC DHCP can leak socket descriptors|2018-01-15 21:​12:​00|2018-01-16 15:​38:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​16/​6|2018-01-16 15:​38:​00|CVE-2017-3144|0.77|0.77| 
 +|curl|[vs-plain] : curl: HTTP/2 trailer out-of-bounds read|2018-01-17 09:​36:​00|2018-01-24 07:​11:​30|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​24/​3|2018-01-24 07:​11:​30|CVE-2018-1000005|6.90|6.90| 
 +|InfoZip Unzip|[vs] SEC Consult SA-201801DD-0 :: Multiple vulnerabilities in InfoZip UnZip|2018-01-17 20:​54:​00|2018-02-07 11:​45:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​02/​08/​1|2018-02-08 07:​19:​20|CVE-2018-1000035\\ CVE-2018-1000031\\ CVE-2018-1000032\\ CVE-2018-1000033\\ CVE-2018-1000034|20.62|21.43| 
 +|curl|[vs-plain] curl: HTTP authentication leak in redirects|2018-01-19 22:​06:​00|2018-01-24 07:​11:​37|http://​www.openwall.com/​lists/​oss-security/​2018/​01/​24/​4|2018-01-24 07:​11:​37|CVE-2018-1000007|4.38|4.38| 
 +|quagga|[vs] Quagga security issues|2018-02-10 11:​16:​00|2018-02-15 23:​07:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​02/​15/​4|2018-02-15 23:​07:​00|CVE-2018-5378\\ CVE-2018-5379\\ CVE-2018-5380\\ CVE-2018-5381|5.49|5.49| 
 +|dovecot|[vs] Dovecot Security Advisory: CVE-2017-14461 rfc822_parse_domain Information Leak Vulnerability|2018-02-26 12:04:00|2018-03-01 06:​51:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​01/​2|2018-03-01 06:​51:​00|CVE-2017-14461|2.78|2.78| 
 +|dovecot|[vs] Dovecot Security Advisory: CVE-2017-15130 TLS SNI config lookups are inefficient and can be used for DoS|2018-02-26 12:​03:​00|2018-03-01 06:​51:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​01/​3|2018-03-01 06:​51:​00|CVE-2017-15130|2.78|2.78| 
 +|DHCP,​Bind|Multiple vulnerabilities in ISC products (ISC DHCP and BIND) will be disclosed 28 February 2018 [vs]|2018-02-27 22:​38:​00|2018-02-28 20:​29:​55|http://​www.openwall.com/​lists/​oss-security/​2018/​02/​28/​1|2018-02-28 20:​29:​55|CVE-2018-5734\\ CVE-2018-5732\\ CVE-2018-5733|0.91|0.91| 
 +|389-ds|[vs] Remote DoS flaw in 389-ds-base|2018-03-02 10:​48:​00|2018-03-06 03:​56:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​06/​2|2018-03-06 03:​56:​00|CVE-2018-1054|3.71|3.71| 
 +|curl|[vs-plain] : curl LDAP NULL pointer dereference|2018-03-07 08:​25:​00|2018-03-14 06:​55:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​14/​2|2018-03-14 06:​55:​00|CVE-2018-1000121|6.94|6.94| 
 +|curl|Re: [vs-plain] curl: FTP path trickery leads to NIL byte out of bounds write|2018-03-07 22:​06:​00|2018-03-14 06:​55:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​14/​1|2018-03-14 06:​55:​00|CVE-2018-1000120|6.37|6.37| 
 +|Linux Kernel|[vs-plain] CVE-2018-1068:​ kernel: netfilter: ebtables: CONFIG_COMPAT:​ don't trust userland offsets|2018-03-13 12:​38:​00|2018-03-16 09:​30:​50|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​16/​1|2018-03-16 09:​30:​50|CVE-2018-1068|2.87|2.87| 
 +|pcs|[vs-plain] pcs: EMBARGOED CVE-2018-1079 and CVE-2018-1086|2018-03-26 09:12:00|2018-04-09 00:​00:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​09/​2|2018-04-09 11:​28:​00|CVE-2018-1079\\ CVE-2018-1086|13.62|14.09| 
 +|nghttp2|[vs-plain] nghttp2 vulnerability|2018-04-08 14:​14:​00|2018-04-12 15:​20:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​12/​4|2018-04-12 15:​20:​00|CVE-2018-1000168|4.05|4.05| 
 +|PackageKit|[vs] Multiple local root vulnerabilities involving PackageKit|2018-04-09 14:​06:​00|2018-04-23 14:​44:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​23/​3|2018-04-23 14:​44:​00|CVE-2018-1106|14.03|14.03| 
 +|curl|[vs-plain] curl: RTSP RTP buffer over-read|2018-03-08 15:​57:​00|2018-03-14 06:​55:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​03/​14/​3|2018-03-14 06:​55:​00|CVE-2018-1000122|5.62|5.62| 
 +|gluster|[vs] gluster : privilege escalation on gluster server nodes|2018-04-10 13:​23:​00|2018-04-18 12:​24:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​18/​1|2018-04-18 12:​24:​00|CVE-2018-1088|7.96|7.96| 
 +|OpenSSL|[vs-plain] OpenSSL: RSA key generation follows several non constant time code paths|2018-04-11 08:​03:​00|2018-04-16 16:​46:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​16/​3|2018-04-16 16:​46:​00||5.36|5.36| 
 +|Linux Kernel|[vs-plain] [CVE request] Linux ptrace() bug leading to DoS or possibly corruption|2018-04-17 14:​25:​00|2018-05-01 15:​35:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​01/​3|2018-05-01 15:​35:​00|CVE-2018-1000199|14.05|14.05| 
 +|Linux Kernel|[vs-plain] NULL pointer dereference on oom kill of large mlocked process|2018-04-18 01:​09:​00|2018-04-24 22:​48:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​24/​3|2018-04-24 22:​48:​00|CVE-2018-1000200|6.90|6.90| 
 +|Ghostscript|[vs-plain] CVE-2018-10194 Ghostscript 9.18 stack-based buffer overflow|2018-04-18 14:​26:​00|2018-04-19 22:​22:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​19/​5|2018-04-19 22:​22:​00|CVE-2018-10194|1.33|1.33| 
 +|Knot Resolver|[vs] Knot Resolver 2.3.0 security release|2018-04-19 18:​55:​00|2018-04-23 12:​30:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​23/​2|2018-04-23 12:​30:​00|CVE-2018-1110|3.73|3.73| 
 +|quassecore|[vs-plain] quassecore RCE and DDOS|2018-04-22 15:​04:​00|2018-04-24 21:​28:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​04/​27/​1|2018-04-26 22:​39:​42||2.27|4.32| 
 +|Linux Kernel|[vs-plain] [VS] Linux kernel: memory corruption during exception handling leading to DoS|2018-04-24 10:​19:​00|2018-05-08 17:​35:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​08/​5 http://​www.openwall.com/​lists/​oss-security/​2018/​05/​08/​4|2018-05-08 17:​35:​00|CVE-2018-8897\\ CVE-2018-1087|14.30|14.30| 
 +|curl|[vs-plain] curl (1/2): FTP shutdown response buffer overflow|2018-05-07 10:​46:​00|2018-05-16 06:​25:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​16/​1|2018-05-16 06:​25:​00|CVE-2018-1000300|8.82|8.82| 
 +|curl|[vs-plain] curl (2/2): RTSP bad headers buffer over-read|2018-05-07 10:​46:​00|2018-05-16 06:​25:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​16/​2|2018-05-16 06:​25:​00|CVE-2018-1000301|8.82|8.82| 
 +|procps-ng|[vs] Qualys Security Advisory|2018-05-05 01:​10:​00|2018-05-17 17:​17:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​17/​1|2018-05-17 17:​17:​00|CVE-2018-1120\\ CVE-2018-1121\\ CVE-2018-1122\\ CVE-2018-1123\\ CVE-2018-1124\\ CVE-2018-1125\\ CVE-2018-1126|12.67|12.67| 
 +|Bind|[vs-plain] Multiple BIND CVEs for disclosure on 16 May 2018|2018-05-15 22:​25:​00|2018-05-18 22:​08:​27|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​18/​2|2018-05-18 22:​08:​27|CVE-2018-5736\\ CVE-2018-5737|2.99|2.99| 
 +|Prosody|[vs] prosody: insufficient stream header validation|2018-05-28 13:​44:​00|2018-05-31 18:​31:​02|http://​www.openwall.com/​lists/​oss-security/​2018/​05/​31/​2|2018-05-31 18:​31:​02|CVE-2018-10847|3.20|3.20| 
 +|pppd|[vs] Buffer Overflow in pppd EAP-TLS implementation|2018-06-06 15:​10:​00|2018-06-11 18:​57:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​11/​1|2018-06-11 18:​57:​00|CVE-2018-11574|5.16|5.16| 
 +|Linux Kernel|[vs-plain] Linux Kernel infoleak caused by incorrect handling of the SG_IO ioctl.|2018-06-08 10:​21:​00|2018-06-08 19:​38:​27|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​08/​1|2018-06-08 19:​38:​27|CVE-2018-1000204|0.39|0.39| 
 +|Bind|[vs] BIND vulnerability CVE-2018-5738 will be announce 12 June 2018|2018-06-08 21:​22:​00|2018-06-13 00:​07:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​13/​1|2018-06-13 00:​07:​00|CVE-2018-5738|4.11|4.11| 
 +|gluster|[vs] gluster : privilege escalation on gluster server nodes when TLS is enabled|2018-06-12 13:​34:​00|2018-06-20 19:​58:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​20/​1|2018-06-20 19:​58:​00|CVE-2018-10841|8.27|8.27| 
 +|Intel CPU|[vs-plain] CVE-2018-3665|2018-06-13 17:​48:​00|2018-06-15 14:​55:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​15/​5|2018-06-15 14:​55:​00|CVE-2018-3665|1.88|1.88| 
 +|Git-annex|[vs] git-annex vulnerability|2018-06-15 16:​10:​00|2018-06-26 16:​02:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​06/​26/​4|2018-06-26 16:​02:​00|CVE-2018-10857\\ CVE-2018-10859|10.99|10.99| 
 +|curl|[vs-plain] curl: SMTP send heap buffer overflow|2018-07-01 12:​37:​00|2018-07-11 06:​06:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​11/​1|2018-07-11 06:​06:​00|CVE-2018-0500|9.73|9.73| 
 +|qutebrowser|[vs] qutebrowser:​ Remote code execution|2018-07-09 22:​21:​00|2018-07-11 15:​34:​31|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​11/​7|2018-07-11 15:​34:​31|CVE-2018-10895|1.72|1.72| 
 +|kea|[vs] Kea DHCP vulnerability CVE-2018-5739 will be announce 11 July 2018|2018-07-11 01:​36:​00|2018-07-11 23:​00:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​11/​8|2018-07-11 23:​00:​00|CVE-2018-5739|0.89|0.89| 
 +|Network Manager VPNC|[vs-plain] CVE-2018-10900 NetworkManager-vpnc local authenticated root|2018-07-17 06:​58:​00|2018-07-20 11:​38:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​20/​3|2018-07-20 11:​38:​00|CVE-2018-10900|3.19|3.19| 
 +|fuse|[vs] FUSE user_allow_other restriction may be bypassed|2018-07-18 19:​27:​00|2018-07-24 00:​11:​27|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​24/​1|2018-07-24 00:​11:​27|CVE-2018-10906|5.20|5.20| 
 +|OpenStack|[vs-plain] [pre-OSSA] Vulnerability in OpenStack Keystone (CVE-2018-14432)|2018-07-20 16:​32:​00|2018-07-25 18:​00:​39|https://​www.openwall.com/​lists/​oss-security/​2018/​07/​25/​2|2018-07-25 18:​00:​39|CVE-2018-14432|5.06|5.06| 
 +|Linux Kernel|[vs-plain] Remote Linux kernel DoS (fixed in stable)|2018-07-27 18:​51:​00|2018-08-08 15:​44:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​08/​5|2018-08-08 15:​44:​00|CVE 2018-5390|11.87|11.87| 
 +|Knot Resolver|[vs] Knot Resolver 2.4.1 security release + CVE request|2018-08-01 14:​47:​00|2018-08-09 06:​06:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​2|2018-08-09 06:​06:​00|CVE-2018-10920|7.64|7.64| 
 +|Linux Kernel|[vs-plain] CVE-2017-18344:​ Linux kernel: meltdown-like vulnerability in the timer subsystem|2018-08-02 13:​01:​00|2018-08-02 18:​57:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​02/​3|2018-08-02 18:​57:​00|CVE-2017-18344|0.25|0.25| 
 +|brtfs|[vs-plain] btrfsmaintenance:​ CVE-2018-14722|2018-08-07 11:​25:​00|2018-08-14 15:​57:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​14/​7|2018-08-14 15:​57:​00|CVE-2018-14722|7.19|7.19| 
 +|Bind|[vs] BIND vulnerability CVE-2018-5740 will be announced 08 August 2018|2018-08-07 21:​44:​00|2018-08-09 06:​45:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​1|2018-08-09 06:​45:​00|CVE-2018-5740|1.38|1.38| 
 +|cobbler|[vs] CVE-2018-10931 cobbler: CobblerXMLRPCInterface exports all its methods over XMLRPC|2018-08-08 18:​06:​00|2018-08-09 15:​42:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​9|2018-08-09 15:​42:​00|CVE-2018-10931|0.90|0.90| 
 +|Spice|[vs] spice CVE-2018-10873:​ post-auth crash or potential heap corruption when demarshalling|2018-08-10 03:​16:​00|2018-08-16 23:​51:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​17/​1|2018-08-17 00:​51:​00|CVE-2018-10873|6.86|6.90| 
 +|OpenSSH|[vs-plain] OpenSSH Username Enumeration|2018-08-15 14:​48:​00|2018-08-15 16:​05:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​15/​5|2018-08-15 16:​05:​00||0.05|0.05| 
 +|Linux Kernel|[vs-plain] CVE-2018-10902 - double free in midi subsystem.|2018-08-20 09:​07:​00|2018-08-21 12:​29:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​21/​1|2018-08-21 12:​29:​00|CVE-2018-10902|1.14|1.14| 
 +|Ghostscript|[vs-plain] More Ghostscript Issues|2018-08-21 00:​56:​00|2018-08-21 12:​46:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​21/​2|2018-08-21 12:​46:​00||0.49|0.49| 
 +|gluster|[vs] glusterfs : various flaws|2018-08-22 14:​45:​00|2018-09-04 08:​31:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​04/​1|2018-09-04 08:​31:​00|CVE-2018-10904\\ CVE-2018-10907\\ CVE-2018-10911\\ CVE-2018-10913\\ CVE-2018-10914\\ CVE-2018-10923\\ CVE-2018-10924\\ CVE-2018-10926\\ CVE-2018-10927\\ CVE-2018-10928\\ CVE-2018-10929\\ CVE-2018-10930|12.74|12.74| 
 +|OpenSSH|[vs-plain] Another OpenSSH Username Enumeration|2018-08-24 16:10:​00|2018-08-27 16:​27:​00|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​27/​2|2018-08-27 16:​27:​00|CVE-2018-15919|3.01|3.01
 +|curl|[vs-plain] curl: NTLM password overflow via integer overflow|2018-08-27 05:​55:​00|2018-09-05 05:​55:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​05/​1|2018-09-05 05:​55:​00|CVE-2018-14618|9.00|9.00| 
 +|Linux Kernel|[vs] CVE-2018-6554 and CVE-2018-6555|2018-08-29 16:​58:​00|2018-09-04 16:​47:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​04/​2|2018-09-04 16:​47:​00|CVE-2018-6554\\ CVE-2018-6555|5.99|5.99| 
 +|Linux Kernel|[vs] CVE-2018-14633:​ security flaw in iscsi target code|2018-09-10 09:​25:​00|2018-09-24 10:​03:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​24/​2|2018-09-24 10:​03:​00|CVE-2018-14633|14.03|14.03| 
 +|Linux Kernel|[vs] CVE-2018-14641:​ Linux kernel: a security flaw in the ip_frag_reasm()|2018-09-17 10:​21:​00|2018-09-18 10:02:00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​18/​1|2018-09-18 ​10:​02:​00|CVE-2018-14641|0.99|0.99| 
 +|Linux Kernel|[vs-plain] potential local priviledge escalation bug in vmacache code|2018-09-18 13:​29:​00|2018-09-18 14:​54:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​18/​4|2018-09-18 14:54:00||0.06|0.06| 
 +|Linux Kernel|[vs-plain] Integer overflow in Linux'​s create_elf_tables() (CVE-2018-14634)|2018-09-18 15:​58:​00|2018-09-25 17:​07:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​25/​4|2018-09-25 17:​07:​00|CVE-2018-14634|7.05|7.05| 
 +|libssh|[vs] libssh security issue CVE-2018-10933|2018-10-08 08:​41:​00|2018-10-16 12:​21:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​16/​1|2018-10-16 12:​21:​00|CVE-2018-10933|8.15|8.15| 
 +|glib|[vs] GLib variant binary form and D-Bus message parsing problems|2018-10-11 02:​09:​00|2018-10-23 03:​46:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​23/​5|2018-10-23 03:​46:​00||12.07|12.07| 
 +|Linux Kernel|[vs-plain] 4.19.0-rc3 global-out-of-bounds read in btusb_work|2018-10-16 11:​51:​00|2018-10-31 14:​11:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​6|2018-10-31 14:​11:​00||15.10|15.10| 
 +|gcc|[vs-plain] GCC Compiler Induced Vulnerability|2018-10-21 02:​34:​00|2018-10-22 15:​07:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​22/​3|2018-10-22 15:​07:​00||1.52|1.52| 
 +|glusterfs|[vs] glusterfs: multiple flaws|2018-10-23 07:​48:​00|2018-10-31 12:​50:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​5|2018-10-31 12:​50:​00|CVE-2018-14651\\ CVE-2018-14652\\ CVE-2018-14653\\ CVE-2018-14654\\ CVE-2018-14659\\ CVE-2018-14660\\ CVE-2018-14661|8.21|8.21| 
 +|curl|[vs-plain] curl - two pending security advisories|2018-10-22 08:​26:​00|2018-10-31 06:​55:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​1|2018-10-31 06:​55:​00|CVE-2018-16839\\ CVE-2018-16840|8.94|8.94| 
 +|Intel CPU|[vs-plain] new side-channel vulnerability on SMT/​Hyper-Threading architectures|2018-10-26 12:​59:​00|2018-11-01 22:​12:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​01/​4|2018-11-01 22:​12:​00|CVE-2018-5407|6.38|6.38| 
 +|PowerDNS|[vs] PowerDNS prenotification|2018-11-01 14:​10:​00|2018-11-06 22:​28:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​06/​8|2018-11-06 22:​28:​00|CVE-2018-10851\\ CVE-2018-14626\\ CVE-2018-14644|5.35|5.35| 
 +|PowerDNS|[vs] PowerDNS prenotification|2018-11-18 00:​00:​00|2018-11-26 16:​14:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​26/​2|2018-11-26 16:​14:​00|CVE-2019-3806|8.68|8.68| 
 +|Linux Kernel|[vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided)|2018-11-22 13:​45:​00|2018-11-23 17:​22:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​23/​6|2018-11-23 17:​22:​00||1.15|1.15| 
 +|Linux Kernel|[vs-plain] UAF write in usb_audio_probe|2018-12-03 14:​45:​00|2018-12-03 16:​45:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​12/​03/​1|2018-12-03 16:​45:​00|CVE-2018-19824|0.08|0.08| 
 +|Go|[vs-plain] Go security release next week, requesting 3 CVE IDs|2018-12-08 11:​56:​00|2018-12-14 18:​06:​00|https://​www.openwall.com/​lists/​oss-security/​2018/​12/​14/​9|2018-12-14 18:​06:​00|CVE-2018-16873\\ CVE-2018-16874\\ CVE-2018-16875|6.26|6.26| 
 +|Systemd|[vs] Qualys Security Advisory|2018-12-26 20:​40:​00|2019-01-09 19:​02:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​01/​09/​3|2019-01-09 19:​02:​00|CVE-2018-16864\\ CVE-2018-16865\\ CVE-2018-16866|13.93|13.93| 
 +|Linux Kernel|[vs-plain] two information leak vulnerabilities in kernel bluetooth stack|2019-01-01 09:​27:​00|2019-01-11 14:​06:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​01/​11/​2|2019-01-11 14:​06:​00|CVE-2019-3459\\ CVE-2019-3460|10.19|10.19| 
 +|PowerDNS|[vs] PowerDNS prenotification|2019-01-14 15:​21:​00|2019-01-21 14:​23:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​01/​21/​7|2019-01-21 14:​23:​00|CVE-2019-3806|6.96|6.96| 
 +|Spice|[vs] CVE-2019-3813:​ spice|2019-01-21 20:​50:​00|2019-01-28 19:​53:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​01/​28/​2|2019-01-28 19:​53:​00|CVE-2019-3813|6.96|6.96| 
 +|Linux Kernel|[vs] CVE-2018-16880 Linux kernel: oob-write in drivers/​vhost/​net.c:​get_rx_bufs()|2019-01-22 12:​33:​00|2019-01-25 15:​46:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​01/​25/​1|2019-01-25 15:​46:​00|CVE-2018-16880|3.13|3.13| 
 +|dovecot|[vs] Important vulnerability in Dovecot (CVE-2019-3814)|2019-01-24 10:​51:​00|2019-02-05 13:​02:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​05/​1|2019-02-05 13:​02:​00|CVE-2019-3814|12.09|12.09| 
 +|curl|[vs-plain] curl: NTLM type-2 out-of-bounds buffer read (1/​3)|2019-01-28 13:​24:​00|2019-02-06 07:​12:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​06/​1|2019-02-06 07:​12:​00|CVE-2018-16890|8.74|8.74| 
 +|curl|[vs-plain] curl: NTLMv2 type-3 header stack buffer overflow (2/​3)|2019-01-28 13:​24:​00|2019-02-06 07:​12:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​06/​2|2019-02-06 07:​12:​00|CVE-2019-3822|8.74|8.74| 
 +|curl|[vs-plain] curl: SMTP end-of-response out-of-bounds read (3/​3)|2019-01-28 13:​24:​00|2019-02-06 07:​12:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​06/​3|2019-02-06 07:​12:​00|CVE-2019-3823|8.74|8.74| 
 +|runc|[EMBARGOED][vs] CVE-2019-5736:​ runc container breakout notification|2019-02-04 03:​25:​00|2019-02-11 13:​05:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​11/​2|2019-02-11 13:​05:​00|CVE-2019-5736|7.40|7.40| 
 +|Systemd|[vs] systemd (PID1) crash with specially crafted D-Bus message|2019-02-13 18:​32:​00|2019-02-18 16:​48:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​18/​3|2019-02-18 16:​48:​00|CVE-2019-6454|4.93|4.93| 
 +|Bind|[vs] Three BIND vulnerabilities (CVE-2018-5744,​ CVE-2018-5745,​ and CVE-2019-6465) will be announced 21 February 2019|2019-02-20 01:​03:​00|2019-02-22 02:​59:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​02/​22/​1|2019-02-22 02:​59:​00|CVE-2018-5744\\ CVE-2018-5745\\ CVE-2019-6465|2.08|2.08| 
 +|libssh|[vs-plain] libssh2: *nine* security fixes coming (take 2)|2019-03-08 06:​01:​00|2019-03-18 21:​42:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​03/​18/​3|2019-03-18 21:​42:​00|CVE-2019-3855\\ CVE-2019-3856\\ CVE-2019-3857\\ CVE-2019-3858\\ CVE-2019-3859\\ CVE-2019-3860\\ CVE-2019-3861\\ CVE-2019-3862\\ CVE-2019-3863|10.65|10.65| 
 +|Linux Kernel|[vs-plain] Stack/Heap Clashing on Linux >=4.13 when loader directly invoked|2019-03-05 17:​35:​00|2019-03-13 01:​30:​06|https://​www.openwall.com/​lists/​oss-security/​2019/​03/​13/​1|2019-03-13 01:​30:​06||7.33|7.33| 
 +|libseccomp|[vs] linux-distros disclosure|2019-03-11 21:​12:​00|2019-03-14 23:​48:​22|https://​www.openwall.com/​lists/​oss-security/​2019/​03/​15/​1|2019-03-14 23:48:22||3.11|3.11| 
 +|Ghostscript|[vs] ghostscript:​ 2 -dSAFER bypass: CVE-2019-3835 & CVE-2019-3838|2019-03-13 20:​32:​00|2019-03-21 15:​31:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​03/​21/​1|2019-03-21 15:​31:​00|CVE-2019-3835\\ CVE-2019-3838|7.79|7.79| 
 +|dovecot|[vs] Important vulnerability in Dovecot (CVE-2019-7524)|2019-03-21 15:​29:​00|2019-03-28 11:​42:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​03/​28/​1|2019-03-28 11:​42:​00|CVE-2019-7524|6.84|6.84| 
 +|apache|Re: [vs-plain] Apache HTTP Server 2.4.39 is important upgrade for distros due to CVE-2019-0211|2019-04-02 07:​11:​00|2019-04-02 01:​31:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​02/​3|2019-04-02 01:​31:​00|CVE-2019-0211|-0.24|-0.24| 
 +|wpa_supplicant|[vs] VU#871675 and wpa_supplicant/​hostapd|2019-04-03 16:​04:​00|2019-04-10 15:​13:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​10/​2|2019-04-10 15:​13:​00|CVE-2019-9494|6.96|6.96| 
 +|dovecot|[vs] Important security bug in Dovecot|2019-04-15 06:​38:​00|2019-04-18 09:​05:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​18/​3|2019-04-18 09:​05:​00|CVE-2019-10691|3.10|3.10| 
 +|pacemaker|[vs-plain] pacemaker|2019-04-03 05:​01:​00|2019-04-17 09:​40:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​17/​1|2019-04-17 09:​40:​00|CVE-2019-3885|14.19|14.19| 
 +|Bind|[vs-plain] Three BIND vulnerabilities (CVE-2018-5743,​ CVE-2019-6467,​ and CVE-2019-6468) will be announced 24 April 2019|2019-04-24 01:​32:​00|2019-04-25 06:​55:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​25/​1|2019-04-25 06:​55:​00|CVE-2018-5743\\ CVE-2018-6467\\ CVE-2019-6468|1.22|1.22| 
 +|dovecot|[vs] Important security bugs in Dovecot|2019-04-29 06:​11:​00|2019-04-30 13:​35:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​04/​30/​6|2019-04-30 13:​35:​00|CVE-2019-11494\\ CVE-2019-11499|1.31|1.31| 
 +|curl|[vs-plain] curl: Integer overflows in curl_url_set (1/​2)|2019-05-15 06:​07:​00|2019-05-22 07:​24:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​05/​22/​2|2019-05-22 07:​24:​00|CVE-2019-5435|7.05|7.05| 
 +|curl|[vs-plain] curl: TFTP receive buffer overflow (2/​2)|2019-05-15 06:​07:​00|2019-05-22 07:​24:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​05/​22/​3|2019-05-22 07:​24:​00|CVE-2019-5436|7.05|7.05| 
 +|marwell wifi driver|[vs-plain] Bug report and CVE request : Heap Overflow in mwifiex_update_bss_desc_with_ie function of Marvell Wifi Driver in Linux kernel|2019-05-21 08:​39:​00|2019-05-29 12:​52:​18|https://​www.openwall.com/​lists/​oss-security/​2019/​05/​30/​2|2019-05-30 10:​58:​59|CVE-2019-3846|8.18|9.10| 
 +|marwell wifi driver|[vs-plain] CVE request : Heap Overflow in mwifiex_uap_parse_tail_ies function of Marvell Wifi Driver in Linux kernel|2019-05-30 11:​23:​00|2019-06-01 10:​07:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​01/​1|2019-06-01 10:​07:​00|CVE-2019-10126|1.95|1.95| 
 +|Exim|[vs-plain] Qualys Security Advisory|2019-05-28 10:​20:​00|2019-06-05 17:​28:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​04/​1|2019-06-05 17:​28:​00|CVE-2019-10149|8.30|8.30| 
 +|dbus|[vs] CVE-2019-12749:​ DBusServer DBUS_COOKIE_SHA1 authentication bypass|2019-06-09 13:​37:​00|2019-06-11 15:​09:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​11/​2|2019-06-11 15:​09:​00|CVE-2019-12749|2.06|2.06| 
 +|Mozilla Thunderbird|[vs] Thunderbird Vulnerabilities|2019-06-06 17:​11:​00|2019-06-13 20:​27:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​13/​1 https://​www.openwall.com/​lists/​oss-security/​2019/​06/​13/​2 https://​www.openwall.com/​lists/​oss-security/​2019/​06/​13/​3 https://​www.openwall.com/​lists/​oss-security/​2019/​06/​13/​4|2019-06-13 20:​27:​00|CVE-2019-11703\\ CVE-2019-11704\\ CVE-2019-11705\\ CVE-2019-11706|7.14|7.14| 
 +|Kernel Networking Stack (Multiple Kernels)|[vs] Kernel: Multiple remote denial of service issues|2019-06-07 01:​06:​00|2019-06-17 17:​33:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​17/​5|2019-06-17 17:​33:​00|CVE-2019-11477\\ CVE-2019-11478\\ ​ CVE-2019-11479|10.69|10.69| 
 +|PowerDNS|[vs] PowerDNS prenotification|2019-06-18 14:​08:​00|2019-06-21 11:​19:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​21/​5|2019-06-21 11:​19:​00|CVE-2019-10162\\ CVE-2019-10163|2.88|2.88| 
 +|Bind|[vs-plain] BIND vulnerability CVE-2019-6471 will be announced tomorrow (Wednesday, 19 June 2019)|2019-06-18 21:​05:​00|2019-06-20 01:​13:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​20/​1|2019-06-20 01:​13:​00|CVE-2019-6471|1.17|1.17| 
 +|Linux Kernel|[vs-plain] Linux kernel for powerpc mm bug|2019-06-13 16:​41:​00|2019-06-24 14:​44:​00|https://​www.openwall.com/​lists/​oss-security/​2019/​06/​24/​5|2019-06-24 14:​44:​00|CVE-2019-12817|10.92|10.92|
mailing-lists/distros/stats.txt · Last modified: 2019/07/26 03:27 by kristianf
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux