The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
7e0c56c108ff3042fd6a6650a808553de15e4dfc7ccc9fcdd6a839de827c47ed
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
2b4319ddb3bd2867e72532a233f640a58c2f4d83f1088183ae544b268646ba21
HP Security Bulletin HPSBGN03361 1 - A potential security vulnerability has been identified with HP UCMDB, HP UCMDB Configuration Manager, HP UCMDB Browser, and HP Universal Discovery running TLS. Note: This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
d7f39361b740cd350c370d82a4abbf3a521be218d6102e8336f6c495e2a2be40
HP Security Bulletin HPSBMU03234 1 - A potential security vulnerability has been identified with HP Vertica running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
0294e954d25201f94470fffcc267e094019e350889ede165e6610c7c67533e94
Debian Linux Security Advisory 3303-1 - It was discovered that the texttopdf utility, part of cups-filters, was susceptible to multiple heap-based buffer overflows due to improper handling of print jobs with a specially crafted line size. This could allow remote attackers to crash texttopdf or possibly execute arbitrary code.
c4cda9b519e70e14626d7d44c19ba37e1eff42e47edb6f66dae560941f93ea98
Red Hat Security Advisory 2015-1211-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
ba69d5584217420f43b38d281a774af957454723c6b0f03bf60d4d62ff50c41b
Ubuntu Security Notice 2668-1 - It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.
b107f1345f2ab6dfdbdf52fda2fa1a45e08e413705d2abc04885e58aa92242de
Debian Linux Security Advisory 3302-1 - Insufficient input sanitising in libwmf, a library to process Windows metafile data, may result in denial of service or the execution of arbitrary code if a malformed WMF file is opened.
10317cb2a7565d19e7bf77a889b03d34ac783941edd2d5edcd17f7eb95e6649c
Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.
47d9b2874b908191ceb7d6cc05e67c129969a7a846612e0abf42f762272cf153
Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.
122e7a4e496bfa1708ef0318f8bb997c9f1c401557f2e3bc34b52513381ea323
Ubuntu Security Notice 2663-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.
7d15aa2d77d66a412eb11604a0558247a40f8871ea54563f3265f6cf37232869
Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.
fa189e6b6391daa79f6ab7ceb545b2f97b172e45e1ec80055aa050d2726b9e27
Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.
7fe5d45987e82d6beb0aa597ea875fbc6a50d820627071ddf51320c0b6d6db2e
Ubuntu Security Notice 2662-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. Various other issues were also addressed.
fd94ef4c48a1bb7444100a0af1dc5c91028a7fce50fdaa1e423dcb48878649a3
Ubuntu Security Notice 2660-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.
a7b057780c2a9c2c974c9d2ad831cb885a705477c84f727d40ba979a7e08c701
Ubuntu Security Notice 2661-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.
ffb7e5a9faaa7d5d4aa3790f6cae60c6ac29ec24ba1853e3b7fec3cc4d2f3c94
Red Hat Security Advisory 2015-1210-01 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users.
47a1f50bad2069d1272bed01fda4923643f3bc2e6bea1f01b891e04347c5db10
Gentoo Linux Security Advisory 201507-8 - A vulnerability in libxml2 allows a remote attacker to cause Denial of Service. Versions less than 2.9.2-r1 are affected.
a05e6be79f4500816569633da84b2fc86e92630dadb9318289f0641fce36a486
Gentoo Linux Security Advisory 201507-7 - Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 0.9.10-r1 are affected.
366d16a33ddb4170dce53307384a2c9a1c34ebb67784b0e2096ac1d54dd1cce4
Gentoo Linux Security Advisory 201507-6 - Multiple vulnerabilities have been found in UnRTF, the worst of which may result in execution of arbitrary code. Versions less than 0.21.9 are affected.
32d2427c7b5006399245f373a45eb4f51267c73c831f62852b6c53d4c5aa3906
Gentoo Linux Security Advisory 201507-5 - Multiple vulnerabilities have been found in SQLite, allowing context-dependent attackers to cause a Denial of Service condition. Versions less than 3.8.9 are affected.
25bb7312d841f5f3b900c3e5c0ec81e6d09713156772856e0dd985686dcd1bd2
Gentoo Linux Security Advisory 201507-4 - Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 55.1 are affected.
68075e049a9e07828a69a230cd6e54754b8c7b4e87d9bf4c7809aa42bf485264
Gentoo Linux Security Advisory 201507-3 - A vulnerability in Exiv2 could lead to Denial of Service condition. Versions less than 0.24-r1 are affected.
6eb2c18229fee3b2350b37ab8ca65dbabb91fcfbfa485a728d95b7645b11404c
Black Cat CMS version 1.1.2 suffers from a cross site scripting vulnerability.
7e257693ee2ab7e64d8f6b1d6364b7b60a5af2d2310bd734bb67fcb1be88fd88
A vulnerability exists in the EMC Documentum Content Server which allows an authenticated user to elevate privileges, hijack Content Server filesystem, or execute arbitrary commands by creating malicious dm_job objects. Although ESA-2014-105 claimed to remediate this issue, it persists.
c2fab15b7849733e911e9d40873b3af36fa3fddd78061a30c82067805f9a0abd