Subscribe to email alerts
http://www.debian.org/security/
http://article.gmane.org/gmane.linux.debian.security.announce/2740
http://lwn.net/Vulnerabilities/
http://lwn.net/Alerts/
http://lwn.net/Security/
http://lwn.net/Vulnerabilities/
https://www.owasp.org/index.php/Category:Vulnerability
Package(s):railsCVE #(s):CVE-2013-0155Created:January 17, 2013Updated:January 17, 2013Description:From the Debian advisory:An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges.Alerts:DebianDSA-2609-12013-01-16
Most recent security alerts
DistributionIDPackageDateMageiaMGASA-2013-0011kernel-tmb2013-01-18MageiaMGASA-2013-0009kernel-linus2013-01-18MageiaMGASA-2013-0013virtualbox2013-01-18MageiaMGASA-2013-0014claws-mail-plugins2013-01-18MageiaMGASA-2013-0012kernel-vserver2013-01-18SUSESUSE-SU-2013:0047-1Acrobat Reader2013-01-18MageiaMGASA-2013-0015tomcat62013-01-18MageiaMGASA-2013-0010kernel2013-01-18UbuntuUSN-1695-1rpm2013-01-17UbuntuUSN-1694-1rpm2013-01-17UbuntuUSN-1699-1linux2013-01-17OracleELSA-2013-0165java-1.7.0-openjdk2013-01-17UbuntuUSN-1696-1linux2013-01-17SUSESUSE-SU-2013:0044-1Acrobat Reader2013-01-17UbuntuUSN-1698-1linux-ti-omap42013-01-17UbuntuUSN-1700-1linux-ti-omap42013-01-17Scientific LinuxSL-java-20130116java-1.7.0-openjdk2013-01-16Scientific LinuxSL-cong-20130116conga2013-01-16FedoraFEDORA-2013-0891xulrunner2013-01-16Scientific LinuxSL-quot-20130116quota2013-01-16
This database contains security alerts from numerous Linux distributors.
Distributors in the database
CentOSConectivaDebianDebian-TestingEnGardeEridaniFedoraFedora-LegacyForesightGentooHPImmunixMageiaMandrakeMandrivaMeeGoNetwosixOpenPKGopenSUSEOraclePardusProgenyRed HatrPathScientific LinuxSCO GroupSlackwareSorcererSuSESUSETawietinysofaTrustixTurbolinuxUbuntuWhiteboxYellow Dog
The LWN security vulnerabilities database
The LWN security vulnerabilities database
This is the main page for LWN.net's security vulnerability database.
Vulnerabilities with recent alerts
IDUpdatePackage(s)Description533235January 18, 2013linuxkernel: denial of service531056January 18, 2013virtualbox-osevirtualbox-ose: denial of service533230January 18, 2013kernelkernel: information disclosure527917January 18, 2013claws-mailclaws-mail: user credential leak533070January 17, 2013rpmrpm: incorrect signature checking532808January 17, 2013qemu-kvm, qemuqemu: buffer overflow532660January 17, 2013java-1.7.0-oraclejava: multiple vulnerabilities532086January 17, 2013firefox thunderbird xulrunner seamonkeymozilla: multiple vulnerabilities532122January 17, 2013firefox thunderbirdmozilla: multiple vulnerabilities533068January 17, 2013xorg-x11-appsxorg-x11-apps: unspecified vulnerability533067January 17, 2013railsrails: privilege escalation514776January 17, 2013java-1.7.0-openjdkjava: multiple vulnerabilities470976January 17, 2013sossos: key disclosure533031January 17, 2013squirrelmailsquirrelmail: denial of service532553January 17, 2013autofsautofs: denial of service264473January 17, 2013postgresqlPostgreSQL: multiple vulnerabilities520751January 17, 2013rubyruby: unintended file creation519492January 17, 2013ruby1.8ruby: access restriction bypass532554January 17, 2013mysqlmysql: authentication bypass532551January 17, 2013OpenIPMIOpenIPMI: invalid permissionsNext 20 vulnerabilities
No comments:
Post a Comment