This shows you the differences between two versions of the page.
|
mailing-lists:distros:stats [2019/07/26 12:27] kristianf |
mailing-lists:distros:stats [2024/02/06 22:41] (current) solar add 2024 |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Report statistics for distros ML ====== | + | ====== (linux-)distros list usage statistics by year ====== |
| - | These statistics are updated as of 2019-06-30 23:59 (UTC) | + | |
| - | ===== Statistics by month ===== | + | * Stats for [[mailing-lists/distros/stats/2024|2024]] |
| - | Statistics are grouped by month of the issue being reported to the distros list | + | * Stats for [[mailing-lists/distros/stats/2023|2023]] |
| - | ^Date^All^2017-06^2017-07^2017-08^2017-09^2017-10^2017-11^2017-12^2018-01^2018-02^2018-03^2018-04^2018-05^2018-06^2018-07^2018-08^2018-09^2018-10^2018-11^2018-12^2019-01^2019-02^2019-03^2019-04^2019-05^2019-06^ | + | * Stats for [[mailing-lists/distros/stats/2022|2022]] (incomplete, unreliable) |
| - | |Number of reports|144|1|3|6|9|5|7|5|8|4|6|10|5|6|7|13|4|7|3|3|8|3|5|5|5|6| | + | * Stats for [[mailing-lists/distros/stats/archive|2017-2019]] |
| - | |Average embargo time (first public)|6.18|10.84|4.69|6.39|5.83|4.90|6.70|5.99|7.28|2.99|6.52|7.40|7.30|5.13|5.38|4.36|5.53|8.62|5.06|6.76|8.20|4.80|7.15|5.36|6.51|5.81| | + | |
| - | |Average embargo time (oss-security)|6.37|14.16|5.03|6.39|5.84|5.14|6.70|6.02|9.64|2.99|6.60|7.60|7.30|5.13|5.38|4.36|5.53|8.62|5.06|6.76|8.20|4.80|7.15|5.36|6.69|5.81| | + | |
| - | ===== Data ===== | + | |
| - | ^Project^Subject^Reported (UTC)^Public (UTC)^oss-security posting^Time of oss-security posting (UTC)^CVE(s)^Days embargoed (first public)^Days embargoed (oss-security)^ | + | |
| - | |Spice|[vs] spice|2017-06-30 03:50:00|2017-07-11 00:00:00|http://www.openwall.com/lists/oss-security/2017/07/14/1|2017-07-14 07:38:00|CVE-2017-7506 |10.84|14.16| | + | |
| - | |Jenkins|[vs] CVE ID assignment request from the Jenkins project|2017-07-07 13:13:00|2017-07-10 15:00:00|http://www.openwall.com/lists/oss-security/2017/07/11/9|2017-07-11 11:52:00|CVE-2017-1000084\\ CVE-2017-1000085\\ CVE-2017-1000086\\ CVE-2017-1000087\\ CVE-2017-1000088\\ CVE-2017-1000089\\ CVE-2017-1000090\\ CVE-2017-1000091\\ CVE-2017-1000092\\ CVE-2017-1000093\\ CVE-2017-1000094\\ CVE-2017-1000095\\ CVE-2017-1000096|3.07|3.94| | + | |
| - | |Evince|[vs] evince: Command injection vulnerability in CBT handler|2017-07-10 13:57:00|2017-07-13 12:00:00|http://www.openwall.com/lists/oss-security/2017/07/13/5|2017-07-13 15:43:00|CVE-2017-1000083|2.92|3.07| | + | |
| - | |Linux Kernel|[vs-plain] linux kernel: CVE-2017-7533|2017-07-26 12:18:00|2017-08-03 14:00:00|http://www.openwall.com/lists/oss-security/2017/08/03/2|2017-08-03 14:00:00|CVE-2017-7533|8.07|8.07| | + | |
| - | |Curl|[vs-plain] curl: URL globbing out of bounds read (1/3)|2017-08-01 10:02:00|2017-08-09 06:00:00|http://www.openwall.com/lists/oss-security/2017/08/09/1|2017-08-09 06:00:00|CVE-2017-1000101|7.83|7.83| | + | |
| - | |Curl|[vs-plain] curl: TFTP sends more than buffer size (2/3)|2017-08-01 10:02:00|2017-08-09 06:00:00|http://www.openwall.com/lists/oss-security/2017/08/09/2|2017-08-09 06:00:00|CVE-2017-1000100|7.83|7.83| | + | |
| - | |Curl|[vs-plain] curl: FILE buffer read out of bounds|2017-08-01 10:02:00|2017-08-09 06:00:00|http://www.openwall.com/lists/oss-security/2017/08/09/3|2017-08-09 06:00:00|CVE-2017-1000099|7.83|7.83| | + | |
| - | |Linux Kernel|[vs-plain] Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch|2017-08-04 15:59:00|2017-08-10 20:55:00|http://www.openwall.com/lists/oss-security/2017/08/10/5|2017-08-10 20:55:00|CVE-2017-1000112|6.21|6.21| | + | |
| - | |Linux Kernel|[vs-plain] Linux kernel: heap out-of-bounds in AF_PACKET sockets|2017-08-04 16:48:00|2017-08-10 13:25:00|http://www.openwall.com/lists/oss-security/2017/08/10/7|2017-08-10 13:25:00|CVE-2017-1000111|5.86|5.86| | + | |
| - | |GNOME|[vs] CVE-2017-2885 libsoup - stack based buffer overflow with HTTP Chunked Encoding|2017-08-07 17:54:00|2017-08-10 12:41:00|http://www.openwall.com/lists/oss-security/2017/08/10/1|2017-08-10 12:53:00|CVE-2017-2885 |2.78|2.79| | + | |
| - | |file|[vs] file: stack based buffer overflow|2017-09-01 09:30:00|2017-09-05 16:24:00|http://www.openwall.com/lists/oss-security/2017/09/05/3|2017-09-05 16:24:00|CVE-2017-1000249|4.29|4.29| | + | |
| - | |BlueZ|[vs-plain] Info Leak vulnerability in BlueZ|2017-09-05 20:29:00|2017-09-13 21:08:00|http://www.openwall.com/lists/oss-security/2017/09/13/4|2017-09-13 21:08:00|CVE-2017-1000250\\ CVE-2017-1000251|8.03|8.03| | + | |
| - | |tcpdump|[vs-plain] Re: tcpdump 4.9.2 and NixOS|2017-09-06 13:08:00|2017-09-07 14:06:00|http://www.openwall.com/lists/oss-security/2017/09/07/8|2017-09-07 14:06:00|CVE-2017-11543\\ CVE-2017-13011\\ CVE-2017-12989\\ CVE-2017-12990\\ CVE-2017-12995\\ CVE-2017-12997\\ CVE-2017-11541\\ CVE-2017-11542\\ CVE-2017-12893\\ CVE-2017-12894\\ CVE-2017-12895\\ CVE-2017-12896\\ CVE-2017-12898\\ CVE-2017-12897\\ CVE-2017-12899\\ CVE-2017-12900\\ CVE-2017-12901\\ CVE-2017-12902\\ CVE-2017-12985\\ CVE-2017-12986\\ CVE-2017-12987\\ CVE-2017-12988\\ CVE-2017-12991\\ CVE-2017-12992\\ CVE-2017-12993\\ CVE-2017-11542\\ CVE-2017-11541\\ CVE-2017-12994\\ CVE-2017-12996\\ CVE-2017-12998\\ CVE-2017-12999\\ CVE-2017-13000\\ CVE-2017-13001\\ CVE-2017-13002\\ CVE-2017-13003\\ CVE-2017-13004\\ CVE-2017-13005\\ CVE-2017-13006\\ CVE-2017-13007\\ CVE-2017-13008\\ CVE-2017-13009\\ CVE-2017-13010\\ CVE-2017-13012\\ CVE-2017-13013\\ CVE-2017-13014\\ CVE-2017-13015\\ CVE-2017-11543\\ CVE-2017-13016\\ CVE-2017-13017\\ CVE-2017-13018\\ CVE-2017-13019\\ CVE-2017-13020\\ CVE-2017-13021\\ CVE-2017-13022\\ CVE-2017-13023\\ CVE-2017-13024\\ CVE-2017-13025\\ CVE-2017-13026\\ CVE-2017-13027\\ CVE-2017-13028\\ CVE-2017-13029\\ CVE-2017-13030\\ CVE-2017-13031\\ CVE-2017-13032\\ CVE-2017-13033\\ CVE-2017-13034\\ CVE-2017-13035\\ CVE-2017-13036\\ CVE-2017-13037\\ CVE-2017-13038\\ CVE-2017-13039\\ CVE-2017-13040\\ CVE-2017-13041\\ CVE-2017-13042\\ CVE-2017-13043\\ CVE-2017-13044\\ CVE-2017-13045\\ CVE-2017-13046\\ CVE-2017-13047\\ CVE-2017-13048\\ CVE-2017-13049\\ CVE-2017-13050\\ CVE-2017-13051\\ CVE-2017-13052\\ CVE-2017-13053\\ CVE-2017-13054\\ CVE-2017-13055\\ CVE-2017-13687\\ CVE-2017-13688\\ CVE-2017-13689\\ CVE-2017-13690\\ CVE-2017-13725|1.04|1.04| | + | |
| - | |Linux Kernel|[vs] KVM denial of service|2017-09-08 11:21:00|2017-09-15 16:36:00|http://www.openwall.com/lists/oss-security/2017/09/15/4|2017-09-15 16:36:00|CVE-2017-1000252|7.22|7.22| | + | |
| - | |apache|vs] OPTIONSbleed bug in apache httpd|2017-09-11 10:17:00|2017-09-18 13:18:00|http://www.openwall.com/lists/oss-security/2017/09/18/2|2017-09-18 13:18:00|CVE-2017-9798|7.13|7.13| | + | |
| - | |Linux Kernel|[vs] Qualys Security Advisory (CVE-2017-1000253)|2017-09-20 09:28:00|2017-09-26 15:08:00|http://www.openwall.com/lists/oss-security/2017/09/26/16|2017-09-26 15:08:00|CVE-2017-1000253|6.24|6.24| | + | |
| - | |Linux Kernel|[vs-plain] Bluetooth RCE in Linux Kernel - follow up|2017-09-24 19:20:00|2017-09-27 17:39:00|http://www.openwall.com/lists/oss-security/2017/09/27/10|2017-09-27 17:39:00|CVE-2017-1000251|2.93|2.93| | + | |
| - | |DNSMasq|[vs] DNSMasq Security vulnerabilities, public release October 2nd|2017-09-25 20:59:00|2017-10-02 13:22:00|http://www.openwall.com/lists/oss-security/2017/10/02/5|2017-10-02 15:47:00|CVE-2017-14491\\ CVE-2017-14492\\ CVE-2017-14493\\ CVE-2017-14494\\ CVE-2017-14495\\ CVE-2017-14496|6.68|6.78| | + | |
| - | |Curl|[vs-plain] curl: FTP PWD response parser out of bounds read|2017-09-25 08:26:00|2017-10-04 06:06:00|http://www.openwall.com/lists/oss-security/2017/10/04/1|2017-10-04 06:06:00|CVE-2017-1000254|8.90|8.90| | + | |
| - | |Linux Kernel|[vs] CVE Request for powerpc kernel bug|2017-10-03 00:49:00|2017-10-09|http://www.openwall.com/lists/oss-security/2017/10/10/3|2017-10-10 04:00:00|CVE-2017-1000255|5.97|7.13| | + | |
| - | |wpa_supplicant|[vs] VU#228519 and wpa_supplicant/hostapd|2017-10-10 08:08:00|2017-10-16 09:08:00|http://www.openwall.com/lists/oss-security/2017/10/16/2|2017-10-16 09:08:00|CVE-2017-13077\\ CVE-2017-13078\\ CVE-2017-13079\\ CVE-2017-13080\\ CVE-2017-13081\\ CVE-2017-13082\\ CVE-2017-13084\\ CVE-2017-13086\\ CVE-2017-13087\\ CVE-2017-13088|6.04|6.04| | + | |
| - | |Linux Kernel|[vs-plain] CVE-2017-5123 Linux kernel waitid() not calling access_ok()|2017-10-09 19:06:00|2017-10-12 19:16:00|http://www.openwall.com/lists/oss-security/2017/10/12/18|2017-10-12 20:02:00|CVE-2017-5123|3.01|3.04| | + | |
| - | |Curl|[vs-plain] curl: IMAP FETCH response out of bounds read|2017-10-17 11:54:00|2017-10-23 06:07:00|http://www.openwall.com/lists/oss-security/2017/10/23/1|2017-10-23 06:07:00|CVE-2017-1000257|5.76|5.76| | + | |
| - | |Wget|[vs] [FICORA #1010111] Vulnerability report|2017-10-23 14:50:00|2017-10-27 08:21:00|http://www.openwall.com/lists/oss-security/2017/10/27/1|2017-10-27 08:21:00|CVE-2017-13089\\ CVE-2017-13090|3.73|3.73| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2017-11-20 14:01:00|2017-11-27 16:32:00|http://www.openwall.com/lists/oss-security/2017/11/27/1|2017-11-27 16:32:00|CVE-2017-15090\\ CVE-2017-15091\\ CVE-2017-15092\\ CVE-2017-15093\\ CVE-2017-15094|7.10|7.10| | + | |
| - | |Curl|[vs-plain] (2/2) curl: FTP wildcard out of bounds read|2017-11-21 08:16:00|2017-11-29 09:34:00|http://www.openwall.com/lists/oss-security/2017/11/29/3|2017-11-29 09:34:00|CVE-2017-8817|8.05|8.05| | + | |
| - | |Curl|[vs-plain] curl: NTLM buffer overflow via integer overflow|2017-11-21 08:15:00|2017-11-29 09:34:00|http://www.openwall.com/lists/oss-security/2017/11/29/2|2017-11-29 09:34:00|CVE-2017-8816 |8.05|8.05| | + | |
| - | |Linux Kernel|[vs-plain] Security Bug - transparent huge pages dirty bit|2017-11-22 18:50:00|2017-11-30 00:32:00|http://www.openwall.com/lists/oss-security/2017/11/30/1|2017-11-30 00:32:00|CVE-2017-1000405|7.24|7.24| | + | |
| - | |Curl|[vs-plain] curl: SSL out of buffer access|2017-11-24 09:19:00|2017-11-29 09:34:00|http://www.openwall.com/lists/oss-security/2017/11/29/4|2017-11-29 09:34:00|CVE-2017-8818|5.01|5.01| | + | |
| - | |OpenStack|[vs-plain] [pre-OSSA] Vulnerability in OpenStack Nova (CVE-2017-17051)|2017-11-30 12:35:00|2017-12-05 16:50:00|http://www.openwall.com/lists/oss-security/2017/12/05/5|2017-12-05 16:50:00|CVE-2017-17051|5.18|5.18| | + | |
| - | |Linux Kernel|[vs-plain] Info Leak in the Linux Kernel via Bluetooth|2017-11-30 09:44:00|2017-12-06 16:23:00|http://www.openwall.com/lists/oss-security/2017/12/06/3|2017-12-06 16:23:00||6.28|6.28| | + | |
| - | |Linux Kernel|[vs-plain] Security bug in DCCP socket|2017-12-01 11:08:00|2017-12-04 20:27:00|http://www.openwall.com/lists/oss-security/2017/12/05/1|2017-12-05 00:11:00|CVE-2017-8824|3.39|3.54| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2017-12-04 14:43:00|2017-12-11 12:34:31|http://www.openwall.com/lists/oss-security/2017/12/11/1|2017-12-11 12:34:31|CVE-2017-15120|6.91|6.91| | + | |
| - | |glibc|[vs] Qualys Security Advisory|2017-12-05 14:59:00|2017-12-11 19:14:00|http://www.openwall.com/lists/oss-security/2017/12/11/4|2017-12-11 19:14:00|CVE-2017-1000408\\ CVE-2017-1000409|6.18|6.18| | + | |
| - | |iscsi-initiator-utils|[vs] Bug report|2017-12-11 16:21:00|2017-12-13 19:21:00|http://www.openwall.com/lists/oss-security/2017/12/13/2|2017-12-13 19:21:00||2.13|2.13| | + | |
| - | |glibc|[vs] GNU libc issue (--throw-keyids)|2017-12-31 13:46:00|2018-01-11 21:34:44|http://www.openwall.com/lists/oss-security/2018/01/11/5|2018-01-11 21:34:44|CVE-2018-1000001|11.33|11.33| | + | |
| - | |dovecot|[vs] CVE-2017-15132: dovecot: auth client leaks memory if SASL authentication is aborted.|2018-01-11 10:51:00|2018-01-25 09:35:00|http://www.openwall.com/lists/oss-security/2018/01/25/4|2018-01-25 09:35:00|CVE-2017-15132|13.95|13.95| | + | |
| - | |Linux Kernel|[vs-plain] sound driver Conditional competition|2018-01-12 01:19:00|2018-01-16 14:21:19|http://www.openwall.com/lists/oss-security/2018/01/16/1|2018-01-16 14:21:19||4.54|4.54| | + | |
| - | |PowerDNS,knots|[vs] bug in DNS resolvers - DNSSEC validation|2018-01-15 15:29:00|2018-01-22 00:00:00|http://www.openwall.com/lists/oss-security/2018/02/09/1|2018-02-09 00:43:00|CVE-2018-1000002\\ CVE-2018-1000003|6.35|24.38| | + | |
| - | |Bind|Packager Notification for CVE-2017-3145 [vs]|2018-01-15 20:58:00|2018-01-16 14:25:46|http://www.openwall.com/lists/oss-security/2018/01/16/7|2018-01-16 14:25:46|CVE-2017-3145|0.73|0.73| | + | |
| - | |DHCP|[vs-plain] CVE-2017-3144: ISC DHCP can leak socket descriptors|2018-01-15 21:12:00|2018-01-16 15:38:00|http://www.openwall.com/lists/oss-security/2018/01/16/6|2018-01-16 15:38:00|CVE-2017-3144|0.77|0.77| | + | |
| - | |curl|[vs-plain] : curl: HTTP/2 trailer out-of-bounds read|2018-01-17 09:36:00|2018-01-24 07:11:30|http://www.openwall.com/lists/oss-security/2018/01/24/3|2018-01-24 07:11:30|CVE-2018-1000005|6.90|6.90| | + | |
| - | |InfoZip Unzip|[vs] SEC Consult SA-201801DD-0 :: Multiple vulnerabilities in InfoZip UnZip|2018-01-17 20:54:00|2018-02-07 11:45:00|http://www.openwall.com/lists/oss-security/2018/02/08/1|2018-02-08 07:19:20|CVE-2018-1000035\\ CVE-2018-1000031\\ CVE-2018-1000032\\ CVE-2018-1000033\\ CVE-2018-1000034|20.62|21.43| | + | |
| - | |curl|[vs-plain] curl: HTTP authentication leak in redirects|2018-01-19 22:06:00|2018-01-24 07:11:37|http://www.openwall.com/lists/oss-security/2018/01/24/4|2018-01-24 07:11:37|CVE-2018-1000007|4.38|4.38| | + | |
| - | |quagga|[vs] Quagga security issues|2018-02-10 11:16:00|2018-02-15 23:07:00|http://www.openwall.com/lists/oss-security/2018/02/15/4|2018-02-15 23:07:00|CVE-2018-5378\\ CVE-2018-5379\\ CVE-2018-5380\\ CVE-2018-5381|5.49|5.49| | + | |
| - | |dovecot|[vs] Dovecot Security Advisory: CVE-2017-14461 rfc822_parse_domain Information Leak Vulnerability|2018-02-26 12:04:00|2018-03-01 06:51:00|http://www.openwall.com/lists/oss-security/2018/03/01/2|2018-03-01 06:51:00|CVE-2017-14461|2.78|2.78| | + | |
| - | |dovecot|[vs] Dovecot Security Advisory: CVE-2017-15130 TLS SNI config lookups are inefficient and can be used for DoS|2018-02-26 12:03:00|2018-03-01 06:51:00|http://www.openwall.com/lists/oss-security/2018/03/01/3|2018-03-01 06:51:00|CVE-2017-15130|2.78|2.78| | + | |
| - | |DHCP,Bind|Multiple vulnerabilities in ISC products (ISC DHCP and BIND) will be disclosed 28 February 2018 [vs]|2018-02-27 22:38:00|2018-02-28 20:29:55|http://www.openwall.com/lists/oss-security/2018/02/28/1|2018-02-28 20:29:55|CVE-2018-5734\\ CVE-2018-5732\\ CVE-2018-5733|0.91|0.91| | + | |
| - | |389-ds|[vs] Remote DoS flaw in 389-ds-base|2018-03-02 10:48:00|2018-03-06 03:56:00|http://www.openwall.com/lists/oss-security/2018/03/06/2|2018-03-06 03:56:00|CVE-2018-1054|3.71|3.71| | + | |
| - | |curl|[vs-plain] : curl LDAP NULL pointer dereference|2018-03-07 08:25:00|2018-03-14 06:55:00|http://www.openwall.com/lists/oss-security/2018/03/14/2|2018-03-14 06:55:00|CVE-2018-1000121|6.94|6.94| | + | |
| - | |curl|Re: [vs-plain] curl: FTP path trickery leads to NIL byte out of bounds write|2018-03-07 22:06:00|2018-03-14 06:55:00|http://www.openwall.com/lists/oss-security/2018/03/14/1|2018-03-14 06:55:00|CVE-2018-1000120|6.37|6.37| | + | |
| - | |Linux Kernel|[vs-plain] CVE-2018-1068: kernel: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets|2018-03-13 12:38:00|2018-03-16 09:30:50|http://www.openwall.com/lists/oss-security/2018/03/16/1|2018-03-16 09:30:50|CVE-2018-1068|2.87|2.87| | + | |
| - | |pcs|[vs-plain] pcs: EMBARGOED CVE-2018-1079 and CVE-2018-1086|2018-03-26 09:12:00|2018-04-09 00:00:00|http://www.openwall.com/lists/oss-security/2018/04/09/2|2018-04-09 11:28:00|CVE-2018-1079\\ CVE-2018-1086|13.62|14.09| | + | |
| - | |nghttp2|[vs-plain] nghttp2 vulnerability|2018-04-08 14:14:00|2018-04-12 15:20:00|http://www.openwall.com/lists/oss-security/2018/04/12/4|2018-04-12 15:20:00|CVE-2018-1000168|4.05|4.05| | + | |
| - | |PackageKit|[vs] Multiple local root vulnerabilities involving PackageKit|2018-04-09 14:06:00|2018-04-23 14:44:00|http://www.openwall.com/lists/oss-security/2018/04/23/3|2018-04-23 14:44:00|CVE-2018-1106|14.03|14.03| | + | |
| - | |curl|[vs-plain] curl: RTSP RTP buffer over-read|2018-03-08 15:57:00|2018-03-14 06:55:00|http://www.openwall.com/lists/oss-security/2018/03/14/3|2018-03-14 06:55:00|CVE-2018-1000122|5.62|5.62| | + | |
| - | |gluster|[vs] gluster : privilege escalation on gluster server nodes|2018-04-10 13:23:00|2018-04-18 12:24:00|http://www.openwall.com/lists/oss-security/2018/04/18/1|2018-04-18 12:24:00|CVE-2018-1088|7.96|7.96| | + | |
| - | |OpenSSL|[vs-plain] OpenSSL: RSA key generation follows several non constant time code paths|2018-04-11 08:03:00|2018-04-16 16:46:00|http://www.openwall.com/lists/oss-security/2018/04/16/3|2018-04-16 16:46:00||5.36|5.36| | + | |
| - | |Linux Kernel|[vs-plain] [CVE request] Linux ptrace() bug leading to DoS or possibly corruption|2018-04-17 14:25:00|2018-05-01 15:35:00|http://www.openwall.com/lists/oss-security/2018/05/01/3|2018-05-01 15:35:00|CVE-2018-1000199|14.05|14.05| | + | |
| - | |Linux Kernel|[vs-plain] NULL pointer dereference on oom kill of large mlocked process|2018-04-18 01:09:00|2018-04-24 22:48:00|http://www.openwall.com/lists/oss-security/2018/04/24/3|2018-04-24 22:48:00|CVE-2018-1000200|6.90|6.90| | + | |
| - | |Ghostscript|[vs-plain] CVE-2018-10194 Ghostscript 9.18 stack-based buffer overflow|2018-04-18 14:26:00|2018-04-19 22:22:00|http://www.openwall.com/lists/oss-security/2018/04/19/5|2018-04-19 22:22:00|CVE-2018-10194|1.33|1.33| | + | |
| - | |Knot Resolver|[vs] Knot Resolver 2.3.0 security release|2018-04-19 18:55:00|2018-04-23 12:30:00|http://www.openwall.com/lists/oss-security/2018/04/23/2|2018-04-23 12:30:00|CVE-2018-1110|3.73|3.73| | + | |
| - | |quassecore|[vs-plain] quassecore RCE and DDOS|2018-04-22 15:04:00|2018-04-24 21:28:00|http://www.openwall.com/lists/oss-security/2018/04/27/1|2018-04-26 22:39:42||2.27|4.32| | + | |
| - | |Linux Kernel|[vs-plain] [VS] Linux kernel: memory corruption during exception handling leading to DoS|2018-04-24 10:19:00|2018-05-08 17:35:00|http://www.openwall.com/lists/oss-security/2018/05/08/5 http://www.openwall.com/lists/oss-security/2018/05/08/4|2018-05-08 17:35:00|CVE-2018-8897\\ CVE-2018-1087|14.30|14.30| | + | |
| - | |curl|[vs-plain] curl (1/2): FTP shutdown response buffer overflow|2018-05-07 10:46:00|2018-05-16 06:25:00|http://www.openwall.com/lists/oss-security/2018/05/16/1|2018-05-16 06:25:00|CVE-2018-1000300|8.82|8.82| | + | |
| - | |curl|[vs-plain] curl (2/2): RTSP bad headers buffer over-read|2018-05-07 10:46:00|2018-05-16 06:25:00|http://www.openwall.com/lists/oss-security/2018/05/16/2|2018-05-16 06:25:00|CVE-2018-1000301|8.82|8.82| | + | |
| - | |procps-ng|[vs] Qualys Security Advisory|2018-05-05 01:10:00|2018-05-17 17:17:00|http://www.openwall.com/lists/oss-security/2018/05/17/1|2018-05-17 17:17:00|CVE-2018-1120\\ CVE-2018-1121\\ CVE-2018-1122\\ CVE-2018-1123\\ CVE-2018-1124\\ CVE-2018-1125\\ CVE-2018-1126|12.67|12.67| | + | |
| - | |Bind|[vs-plain] Multiple BIND CVEs for disclosure on 16 May 2018|2018-05-15 22:25:00|2018-05-18 22:08:27|http://www.openwall.com/lists/oss-security/2018/05/18/2|2018-05-18 22:08:27|CVE-2018-5736\\ CVE-2018-5737|2.99|2.99| | + | |
| - | |Prosody|[vs] prosody: insufficient stream header validation|2018-05-28 13:44:00|2018-05-31 18:31:02|http://www.openwall.com/lists/oss-security/2018/05/31/2|2018-05-31 18:31:02|CVE-2018-10847|3.20|3.20| | + | |
| - | |pppd|[vs] Buffer Overflow in pppd EAP-TLS implementation|2018-06-06 15:10:00|2018-06-11 18:57:00|http://www.openwall.com/lists/oss-security/2018/06/11/1|2018-06-11 18:57:00|CVE-2018-11574|5.16|5.16| | + | |
| - | |Linux Kernel|[vs-plain] Linux Kernel infoleak caused by incorrect handling of the SG_IO ioctl.|2018-06-08 10:21:00|2018-06-08 19:38:27|http://www.openwall.com/lists/oss-security/2018/06/08/1|2018-06-08 19:38:27|CVE-2018-1000204|0.39|0.39| | + | |
| - | |Bind|[vs] BIND vulnerability CVE-2018-5738 will be announce 12 June 2018|2018-06-08 21:22:00|2018-06-13 00:07:00|http://www.openwall.com/lists/oss-security/2018/06/13/1|2018-06-13 00:07:00|CVE-2018-5738|4.11|4.11| | + | |
| - | |gluster|[vs] gluster : privilege escalation on gluster server nodes when TLS is enabled|2018-06-12 13:34:00|2018-06-20 19:58:00|http://www.openwall.com/lists/oss-security/2018/06/20/1|2018-06-20 19:58:00|CVE-2018-10841|8.27|8.27| | + | |
| - | |Intel CPU|[vs-plain] CVE-2018-3665|2018-06-13 17:48:00|2018-06-15 14:55:00|http://www.openwall.com/lists/oss-security/2018/06/15/5|2018-06-15 14:55:00|CVE-2018-3665|1.88|1.88| | + | |
| - | |Git-annex|[vs] git-annex vulnerability|2018-06-15 16:10:00|2018-06-26 16:02:00|http://www.openwall.com/lists/oss-security/2018/06/26/4|2018-06-26 16:02:00|CVE-2018-10857\\ CVE-2018-10859|10.99|10.99| | + | |
| - | |curl|[vs-plain] curl: SMTP send heap buffer overflow|2018-07-01 12:37:00|2018-07-11 06:06:00|https://www.openwall.com/lists/oss-security/2018/07/11/1|2018-07-11 06:06:00|CVE-2018-0500|9.73|9.73| | + | |
| - | |qutebrowser|[vs] qutebrowser: Remote code execution|2018-07-09 22:21:00|2018-07-11 15:34:31|https://www.openwall.com/lists/oss-security/2018/07/11/7|2018-07-11 15:34:31|CVE-2018-10895|1.72|1.72| | + | |
| - | |kea|[vs] Kea DHCP vulnerability CVE-2018-5739 will be announce 11 July 2018|2018-07-11 01:36:00|2018-07-11 23:00:00|https://www.openwall.com/lists/oss-security/2018/07/11/8|2018-07-11 23:00:00|CVE-2018-5739|0.89|0.89| | + | |
| - | |Network Manager VPNC|[vs-plain] CVE-2018-10900 NetworkManager-vpnc local authenticated root|2018-07-17 06:58:00|2018-07-20 11:38:00|https://www.openwall.com/lists/oss-security/2018/07/20/3|2018-07-20 11:38:00|CVE-2018-10900|3.19|3.19| | + | |
| - | |fuse|[vs] FUSE user_allow_other restriction may be bypassed|2018-07-18 19:27:00|2018-07-24 00:11:27|https://www.openwall.com/lists/oss-security/2018/07/24/1|2018-07-24 00:11:27|CVE-2018-10906|5.20|5.20| | + | |
| - | |OpenStack|[vs-plain] [pre-OSSA] Vulnerability in OpenStack Keystone (CVE-2018-14432)|2018-07-20 16:32:00|2018-07-25 18:00:39|https://www.openwall.com/lists/oss-security/2018/07/25/2|2018-07-25 18:00:39|CVE-2018-14432|5.06|5.06| | + | |
| - | |Linux Kernel|[vs-plain] Remote Linux kernel DoS (fixed in stable)|2018-07-27 18:51:00|2018-08-08 15:44:00|https://www.openwall.com/lists/oss-security/2018/08/08/5|2018-08-08 15:44:00|CVE 2018-5390|11.87|11.87| | + | |
| - | |Knot Resolver|[vs] Knot Resolver 2.4.1 security release + CVE request|2018-08-01 14:47:00|2018-08-09 06:06:00|https://www.openwall.com/lists/oss-security/2018/08/09/2|2018-08-09 06:06:00|CVE-2018-10920|7.64|7.64| | + | |
| - | |Linux Kernel|[vs-plain] CVE-2017-18344: Linux kernel: meltdown-like vulnerability in the timer subsystem|2018-08-02 13:01:00|2018-08-02 18:57:00|http://www.openwall.com/lists/oss-security/2018/08/02/3|2018-08-02 18:57:00|CVE-2017-18344|0.25|0.25| | + | |
| - | |brtfs|[vs-plain] btrfsmaintenance: CVE-2018-14722|2018-08-07 11:25:00|2018-08-14 15:57:00|https://www.openwall.com/lists/oss-security/2018/08/14/7|2018-08-14 15:57:00|CVE-2018-14722|7.19|7.19| | + | |
| - | |Bind|[vs] BIND vulnerability CVE-2018-5740 will be announced 08 August 2018|2018-08-07 21:44:00|2018-08-09 06:45:00|https://www.openwall.com/lists/oss-security/2018/08/09/1|2018-08-09 06:45:00|CVE-2018-5740|1.38|1.38| | + | |
| - | |cobbler|[vs] CVE-2018-10931 cobbler: CobblerXMLRPCInterface exports all its methods over XMLRPC|2018-08-08 18:06:00|2018-08-09 15:42:00|https://www.openwall.com/lists/oss-security/2018/08/09/9|2018-08-09 15:42:00|CVE-2018-10931|0.90|0.90| | + | |
| - | |Spice|[vs] spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling|2018-08-10 03:16:00|2018-08-16 23:51:00|http://www.openwall.com/lists/oss-security/2018/08/17/1|2018-08-17 00:51:00|CVE-2018-10873|6.86|6.90| | + | |
| - | |OpenSSH|[vs-plain] OpenSSH Username Enumeration|2018-08-15 14:48:00|2018-08-15 16:05:00|https://www.openwall.com/lists/oss-security/2018/08/15/5|2018-08-15 16:05:00||0.05|0.05| | + | |
| - | |Linux Kernel|[vs-plain] CVE-2018-10902 - double free in midi subsystem.|2018-08-20 09:07:00|2018-08-21 12:29:00|https://www.openwall.com/lists/oss-security/2018/08/21/1|2018-08-21 12:29:00|CVE-2018-10902|1.14|1.14| | + | |
| - | |Ghostscript|[vs-plain] More Ghostscript Issues|2018-08-21 00:56:00|2018-08-21 12:46:00|http://www.openwall.com/lists/oss-security/2018/08/21/2|2018-08-21 12:46:00||0.49|0.49| | + | |
| - | |gluster|[vs] glusterfs : various flaws|2018-08-22 14:45:00|2018-09-04 08:31:00|https://www.openwall.com/lists/oss-security/2018/09/04/1|2018-09-04 08:31:00|CVE-2018-10904\\ CVE-2018-10907\\ CVE-2018-10911\\ CVE-2018-10913\\ CVE-2018-10914\\ CVE-2018-10923\\ CVE-2018-10924\\ CVE-2018-10926\\ CVE-2018-10927\\ CVE-2018-10928\\ CVE-2018-10929\\ CVE-2018-10930|12.74|12.74| | + | |
| - | |OpenSSH|[vs-plain] Another OpenSSH Username Enumeration|2018-08-24 16:10:00|2018-08-27 16:27:00|http://www.openwall.com/lists/oss-security/2018/08/27/2|2018-08-27 16:27:00|CVE-2018-15919|3.01|3.01| | + | |
| - | |curl|[vs-plain] curl: NTLM password overflow via integer overflow|2018-08-27 05:55:00|2018-09-05 05:55:00|https://www.openwall.com/lists/oss-security/2018/09/05/1|2018-09-05 05:55:00|CVE-2018-14618|9.00|9.00| | + | |
| - | |Linux Kernel|[vs] CVE-2018-6554 and CVE-2018-6555|2018-08-29 16:58:00|2018-09-04 16:47:00|https://www.openwall.com/lists/oss-security/2018/09/04/2|2018-09-04 16:47:00|CVE-2018-6554\\ CVE-2018-6555|5.99|5.99| | + | |
| - | |Linux Kernel|[vs] CVE-2018-14633: security flaw in iscsi target code|2018-09-10 09:25:00|2018-09-24 10:03:00|https://www.openwall.com/lists/oss-security/2018/09/24/2|2018-09-24 10:03:00|CVE-2018-14633|14.03|14.03| | + | |
| - | |Linux Kernel|[vs] CVE-2018-14641: Linux kernel: a security flaw in the ip_frag_reasm()|2018-09-17 10:21:00|2018-09-18 10:02:00|https://www.openwall.com/lists/oss-security/2018/09/18/1|2018-09-18 10:02:00|CVE-2018-14641|0.99|0.99| | + | |
| - | |Linux Kernel|[vs-plain] potential local priviledge escalation bug in vmacache code|2018-09-18 13:29:00|2018-09-18 14:54:00|https://www.openwall.com/lists/oss-security/2018/09/18/4|2018-09-18 14:54:00||0.06|0.06| | + | |
| - | |Linux Kernel|[vs-plain] Integer overflow in Linux's create_elf_tables() (CVE-2018-14634)|2018-09-18 15:58:00|2018-09-25 17:07:00|https://www.openwall.com/lists/oss-security/2018/09/25/4|2018-09-25 17:07:00|CVE-2018-14634|7.05|7.05| | + | |
| - | |libssh|[vs] libssh security issue CVE-2018-10933|2018-10-08 08:41:00|2018-10-16 12:21:00|https://www.openwall.com/lists/oss-security/2018/10/16/1|2018-10-16 12:21:00|CVE-2018-10933|8.15|8.15| | + | |
| - | |glib|[vs] GLib variant binary form and D-Bus message parsing problems|2018-10-11 02:09:00|2018-10-23 03:46:00|https://www.openwall.com/lists/oss-security/2018/10/23/5|2018-10-23 03:46:00||12.07|12.07| | + | |
| - | |Linux Kernel|[vs-plain] 4.19.0-rc3 global-out-of-bounds read in btusb_work|2018-10-16 11:51:00|2018-10-31 14:11:00|https://www.openwall.com/lists/oss-security/2018/10/31/6|2018-10-31 14:11:00||15.10|15.10| | + | |
| - | |gcc|[vs-plain] GCC Compiler Induced Vulnerability|2018-10-21 02:34:00|2018-10-22 15:07:00|https://www.openwall.com/lists/oss-security/2018/10/22/3|2018-10-22 15:07:00||1.52|1.52| | + | |
| - | |glusterfs|[vs] glusterfs: multiple flaws|2018-10-23 07:48:00|2018-10-31 12:50:00|https://www.openwall.com/lists/oss-security/2018/10/31/5|2018-10-31 12:50:00|CVE-2018-14651\\ CVE-2018-14652\\ CVE-2018-14653\\ CVE-2018-14654\\ CVE-2018-14659\\ CVE-2018-14660\\ CVE-2018-14661|8.21|8.21| | + | |
| - | |curl|[vs-plain] curl - two pending security advisories|2018-10-22 08:26:00|2018-10-31 06:55:00|https://www.openwall.com/lists/oss-security/2018/10/31/1|2018-10-31 06:55:00|CVE-2018-16839\\ CVE-2018-16840|8.94|8.94| | + | |
| - | |Intel CPU|[vs-plain] new side-channel vulnerability on SMT/Hyper-Threading architectures|2018-10-26 12:59:00|2018-11-01 22:12:00|https://www.openwall.com/lists/oss-security/2018/11/01/4|2018-11-01 22:12:00|CVE-2018-5407|6.38|6.38| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2018-11-01 14:10:00|2018-11-06 22:28:00|https://www.openwall.com/lists/oss-security/2018/11/06/8|2018-11-06 22:28:00|CVE-2018-10851\\ CVE-2018-14626\\ CVE-2018-14644|5.35|5.35| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2018-11-18 00:00:00|2018-11-26 16:14:00|https://www.openwall.com/lists/oss-security/2018/11/26/2|2018-11-26 16:14:00|CVE-2019-3806|8.68|8.68| | + | |
| - | |Linux Kernel|[vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided)|2018-11-22 13:45:00|2018-11-23 17:22:00|https://www.openwall.com/lists/oss-security/2018/11/23/6|2018-11-23 17:22:00||1.15|1.15| | + | |
| - | |Linux Kernel|[vs-plain] UAF write in usb_audio_probe|2018-12-03 14:45:00|2018-12-03 16:45:00|https://www.openwall.com/lists/oss-security/2018/12/03/1|2018-12-03 16:45:00|CVE-2018-19824|0.08|0.08| | + | |
| - | |Go|[vs-plain] Go security release next week, requesting 3 CVE IDs|2018-12-08 11:56:00|2018-12-14 18:06:00|https://www.openwall.com/lists/oss-security/2018/12/14/9|2018-12-14 18:06:00|CVE-2018-16873\\ CVE-2018-16874\\ CVE-2018-16875|6.26|6.26| | + | |
| - | |Systemd|[vs] Qualys Security Advisory|2018-12-26 20:40:00|2019-01-09 19:02:00|https://www.openwall.com/lists/oss-security/2019/01/09/3|2019-01-09 19:02:00|CVE-2018-16864\\ CVE-2018-16865\\ CVE-2018-16866|13.93|13.93| | + | |
| - | |Linux Kernel|[vs-plain] two information leak vulnerabilities in kernel bluetooth stack|2019-01-01 09:27:00|2019-01-11 14:06:00|https://www.openwall.com/lists/oss-security/2019/01/11/2|2019-01-11 14:06:00|CVE-2019-3459\\ CVE-2019-3460|10.19|10.19| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2019-01-14 15:21:00|2019-01-21 14:23:00|https://www.openwall.com/lists/oss-security/2019/01/21/7|2019-01-21 14:23:00|CVE-2019-3806|6.96|6.96| | + | |
| - | |Spice|[vs] CVE-2019-3813: spice|2019-01-21 20:50:00|2019-01-28 19:53:00|https://www.openwall.com/lists/oss-security/2019/01/28/2|2019-01-28 19:53:00|CVE-2019-3813|6.96|6.96| | + | |
| - | |Linux Kernel|[vs] CVE-2018-16880 Linux kernel: oob-write in drivers/vhost/net.c:get_rx_bufs()|2019-01-22 12:33:00|2019-01-25 15:46:00|https://www.openwall.com/lists/oss-security/2019/01/25/1|2019-01-25 15:46:00|CVE-2018-16880|3.13|3.13| | + | |
| - | |dovecot|[vs] Important vulnerability in Dovecot (CVE-2019-3814)|2019-01-24 10:51:00|2019-02-05 13:02:00|https://www.openwall.com/lists/oss-security/2019/02/05/1|2019-02-05 13:02:00|CVE-2019-3814|12.09|12.09| | + | |
| - | |curl|[vs-plain] curl: NTLM type-2 out-of-bounds buffer read (1/3)|2019-01-28 13:24:00|2019-02-06 07:12:00|https://www.openwall.com/lists/oss-security/2019/02/06/1|2019-02-06 07:12:00|CVE-2018-16890|8.74|8.74| | + | |
| - | |curl|[vs-plain] curl: NTLMv2 type-3 header stack buffer overflow (2/3)|2019-01-28 13:24:00|2019-02-06 07:12:00|https://www.openwall.com/lists/oss-security/2019/02/06/2|2019-02-06 07:12:00|CVE-2019-3822|8.74|8.74| | + | |
| - | |curl|[vs-plain] curl: SMTP end-of-response out-of-bounds read (3/3)|2019-01-28 13:24:00|2019-02-06 07:12:00|https://www.openwall.com/lists/oss-security/2019/02/06/3|2019-02-06 07:12:00|CVE-2019-3823|8.74|8.74| | + | |
| - | |runc|[EMBARGOED][vs] CVE-2019-5736: runc container breakout notification|2019-02-04 03:25:00|2019-02-11 13:05:00|https://www.openwall.com/lists/oss-security/2019/02/11/2|2019-02-11 13:05:00|CVE-2019-5736|7.40|7.40| | + | |
| - | |Systemd|[vs] systemd (PID1) crash with specially crafted D-Bus message|2019-02-13 18:32:00|2019-02-18 16:48:00|https://www.openwall.com/lists/oss-security/2019/02/18/3|2019-02-18 16:48:00|CVE-2019-6454|4.93|4.93| | + | |
| - | |Bind|[vs] Three BIND vulnerabilities (CVE-2018-5744, CVE-2018-5745, and CVE-2019-6465) will be announced 21 February 2019|2019-02-20 01:03:00|2019-02-22 02:59:00|https://www.openwall.com/lists/oss-security/2019/02/22/1|2019-02-22 02:59:00|CVE-2018-5744\\ CVE-2018-5745\\ CVE-2019-6465|2.08|2.08| | + | |
| - | |libssh|[vs-plain] libssh2: *nine* security fixes coming (take 2)|2019-03-08 06:01:00|2019-03-18 21:42:00|https://www.openwall.com/lists/oss-security/2019/03/18/3|2019-03-18 21:42:00|CVE-2019-3855\\ CVE-2019-3856\\ CVE-2019-3857\\ CVE-2019-3858\\ CVE-2019-3859\\ CVE-2019-3860\\ CVE-2019-3861\\ CVE-2019-3862\\ CVE-2019-3863|10.65|10.65| | + | |
| - | |Linux Kernel|[vs-plain] Stack/Heap Clashing on Linux >=4.13 when loader directly invoked|2019-03-05 17:35:00|2019-03-13 01:30:06|https://www.openwall.com/lists/oss-security/2019/03/13/1|2019-03-13 01:30:06||7.33|7.33| | + | |
| - | |libseccomp|[vs] linux-distros disclosure|2019-03-11 21:12:00|2019-03-14 23:48:22|https://www.openwall.com/lists/oss-security/2019/03/15/1|2019-03-14 23:48:22||3.11|3.11| | + | |
| - | |Ghostscript|[vs] ghostscript: 2 -dSAFER bypass: CVE-2019-3835 & CVE-2019-3838|2019-03-13 20:32:00|2019-03-21 15:31:00|https://www.openwall.com/lists/oss-security/2019/03/21/1|2019-03-21 15:31:00|CVE-2019-3835\\ CVE-2019-3838|7.79|7.79| | + | |
| - | |dovecot|[vs] Important vulnerability in Dovecot (CVE-2019-7524)|2019-03-21 15:29:00|2019-03-28 11:42:00|https://www.openwall.com/lists/oss-security/2019/03/28/1|2019-03-28 11:42:00|CVE-2019-7524|6.84|6.84| | + | |
| - | |apache|Re: [vs-plain] Apache HTTP Server 2.4.39 is important upgrade for distros due to CVE-2019-0211|2019-04-02 07:11:00|2019-04-02 01:31:00|https://www.openwall.com/lists/oss-security/2019/04/02/3|2019-04-02 01:31:00|CVE-2019-0211|-0.24|-0.24| | + | |
| - | |wpa_supplicant|[vs] VU#871675 and wpa_supplicant/hostapd|2019-04-03 16:04:00|2019-04-10 15:13:00|https://www.openwall.com/lists/oss-security/2019/04/10/2|2019-04-10 15:13:00|CVE-2019-9494|6.96|6.96| | + | |
| - | |dovecot|[vs] Important security bug in Dovecot|2019-04-15 06:38:00|2019-04-18 09:05:00|https://www.openwall.com/lists/oss-security/2019/04/18/3|2019-04-18 09:05:00|CVE-2019-10691|3.10|3.10| | + | |
| - | |pacemaker|[vs-plain] pacemaker|2019-04-03 05:01:00|2019-04-17 09:40:00|https://www.openwall.com/lists/oss-security/2019/04/17/1|2019-04-17 09:40:00|CVE-2019-3885|14.19|14.19| | + | |
| - | |Bind|[vs-plain] Three BIND vulnerabilities (CVE-2018-5743, CVE-2019-6467, and CVE-2019-6468) will be announced 24 April 2019|2019-04-24 01:32:00|2019-04-25 06:55:00|https://www.openwall.com/lists/oss-security/2019/04/25/1|2019-04-25 06:55:00|CVE-2018-5743\\ CVE-2018-6467\\ CVE-2019-6468|1.22|1.22| | + | |
| - | |dovecot|[vs] Important security bugs in Dovecot|2019-04-29 06:11:00|2019-04-30 13:35:00|https://www.openwall.com/lists/oss-security/2019/04/30/6|2019-04-30 13:35:00|CVE-2019-11494\\ CVE-2019-11499|1.31|1.31| | + | |
| - | |curl|[vs-plain] curl: Integer overflows in curl_url_set (1/2)|2019-05-15 06:07:00|2019-05-22 07:24:00|https://www.openwall.com/lists/oss-security/2019/05/22/2|2019-05-22 07:24:00|CVE-2019-5435|7.05|7.05| | + | |
| - | |curl|[vs-plain] curl: TFTP receive buffer overflow (2/2)|2019-05-15 06:07:00|2019-05-22 07:24:00|https://www.openwall.com/lists/oss-security/2019/05/22/3|2019-05-22 07:24:00|CVE-2019-5436|7.05|7.05| | + | |
| - | |marwell wifi driver|[vs-plain] Bug report and CVE request : Heap Overflow in mwifiex_update_bss_desc_with_ie function of Marvell Wifi Driver in Linux kernel|2019-05-21 08:39:00|2019-05-29 12:52:18|https://www.openwall.com/lists/oss-security/2019/05/30/2|2019-05-30 10:58:59|CVE-2019-3846|8.18|9.10| | + | |
| - | |marwell wifi driver|[vs-plain] CVE request : Heap Overflow in mwifiex_uap_parse_tail_ies function of Marvell Wifi Driver in Linux kernel|2019-05-30 11:23:00|2019-06-01 10:07:00|https://www.openwall.com/lists/oss-security/2019/06/01/1|2019-06-01 10:07:00|CVE-2019-10126|1.95|1.95| | + | |
| - | |Exim|[vs-plain] Qualys Security Advisory|2019-05-28 10:20:00|2019-06-05 17:28:00|https://www.openwall.com/lists/oss-security/2019/06/04/1|2019-06-05 17:28:00|CVE-2019-10149|8.30|8.30| | + | |
| - | |dbus|[vs] CVE-2019-12749: DBusServer DBUS_COOKIE_SHA1 authentication bypass|2019-06-09 13:37:00|2019-06-11 15:09:00|https://www.openwall.com/lists/oss-security/2019/06/11/2|2019-06-11 15:09:00|CVE-2019-12749|2.06|2.06| | + | |
| - | |Mozilla Thunderbird|[vs] Thunderbird Vulnerabilities|2019-06-06 17:11:00|2019-06-13 20:27:00|https://www.openwall.com/lists/oss-security/2019/06/13/1 https://www.openwall.com/lists/oss-security/2019/06/13/2 https://www.openwall.com/lists/oss-security/2019/06/13/3 https://www.openwall.com/lists/oss-security/2019/06/13/4|2019-06-13 20:27:00|CVE-2019-11703\\ CVE-2019-11704\\ CVE-2019-11705\\ CVE-2019-11706|7.14|7.14| | + | |
| - | |Kernel Networking Stack (Multiple Kernels)|[vs] Kernel: Multiple remote denial of service issues|2019-06-07 01:06:00|2019-06-17 17:33:00|https://www.openwall.com/lists/oss-security/2019/06/17/5|2019-06-17 17:33:00|CVE-2019-11477\\ CVE-2019-11478\\ CVE-2019-11479|10.69|10.69| | + | |
| - | |PowerDNS|[vs] PowerDNS prenotification|2019-06-18 14:08:00|2019-06-21 11:19:00|https://www.openwall.com/lists/oss-security/2019/06/21/5|2019-06-21 11:19:00|CVE-2019-10162\\ CVE-2019-10163|2.88|2.88| | + | |
| - | |Bind|[vs-plain] BIND vulnerability CVE-2019-6471 will be announced tomorrow (Wednesday, 19 June 2019)|2019-06-18 21:05:00|2019-06-20 01:13:00|https://www.openwall.com/lists/oss-security/2019/06/20/1|2019-06-20 01:13:00|CVE-2019-6471|1.17|1.17| | + | |
| - | |Linux Kernel|[vs-plain] Linux kernel for powerpc mm bug|2019-06-13 16:41:00|2019-06-24 14:44:00|https://www.openwall.com/lists/oss-security/2019/06/24/5|2019-06-24 14:44:00|CVE-2019-12817|10.92|10.92| | + | |