Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic Security Vulnerabilities
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer...
9.8CVSS
6.8AI Score
EPSS
kernel-rt security and bug fix update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
9.8CVSS
10AI Score
EPSS
An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker...
5.8CVSS
6.6AI Score
0.0004EPSS
An update is available for booth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
5.9CVSS
7.2AI Score
0.001EPSS
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing (CVE-2024-25126) rubygem-rack: Possible DoS Vulnerability with Range Header in Rack...
5.8CVSS
6.5AI Score
0.0004EPSS
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
5.9CVSS
7.6AI Score
0.001EPSS
Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,...
6.8CVSS
6.4AI Score
0.0004EPSS
An update is available for libXpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org X11 libXpm runtime library. Security Fix(es): libXpm: out of bounds...
5.5CVSS
6.7AI Score
0.0004EPSS
python3.11-urllib3 security update
An update is available for python3.11-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-urllib3 package provides the Python HTTP module with...
8.1CVSS
8.2AI Score
0.001EPSS
perl-Convert-ASN1 security update
An update is available for perl-Convert-ASN1. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Convert::ASN1 encodes and decodes ASN.1 data structures using...
7.5CVSS
6.7AI Score
0.009EPSS
Moderate: virt:rhel and virt-devel:rhel security and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the....
7CVSS
7.3AI Score
0.002EPSS
go-toolset:rhel8 security update
An update is available for module.golang, go-toolset, delve, module.go-toolset, module.delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset....
5.5AI Score
0.0004EPSS
An update is available for pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for...
8.8CVSS
7.2AI Score
0.0004EPSS
Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) golang: net/http/cookiejar: incorrect forwarding of sensitive headers...
5.5AI Score
0.0004EPSS
container-tools:rhel8 security update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
8.6CVSS
6AI Score
0.002EPSS
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs....
8.8CVSS
8.9AI Score
0.0005EPSS
An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico,....
5.3CVSS
6.7AI Score
0.0004EPSS
pki-core:10.6 and pki-deps:10.6 security update
An update is available for module.slf4j, xerces-j2, javassist, xml-commons-resolver, xml-commons-apis, module.jackson-jaxrs-providers, module.xsom, apache-commons-lang, velocity, module.apache-commons-collections, jackson-core, module.stax-ex, module.jackson-core, pki-core,...
7.5CVSS
7.1AI Score
0.002EPSS
gstreamer1-plugins-good security update
An update is available for gstreamer1-plugins-good. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of.....
7.6CVSS
6.9AI Score
0.0005EPSS
An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor...
7.5CVSS
7.3AI Score
0.0005EPSS
Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the....
6.2CVSS
6.7AI Score
0.001EPSS
xorg-x11-server-Xwayland security update
An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under...
7.8CVSS
7.9AI Score
0.0005EPSS
Moderate: idm:DL1 security update
Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): freeipa: specially crafted HTTP requests potentially lead to denial of...
5.3CVSS
6.6AI Score
0.0004EPSS
Moderate: 389-ds:1.4 security update
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): 389-ds-base: a heap overflow leading to denail-of-servce while writing a...
5.5CVSS
6.8AI Score
0.0004EPSS
Important: pcp security update
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....
8.8CVSS
7.1AI Score
0.0004EPSS
Moderate: libXpm security update
X.Org X11 libXpm runtime library. Security Fix(es): libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789) For more details about the security issue(s), including the impact, a CVSS score,...
5.5CVSS
6.8AI Score
0.0004EPSS
fence-agents security and bug fix update
An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....
6.1CVSS
6.8AI Score
0.001EPSS
Important: python39:3.9 and python39-devel:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...
7.8CVSS
7.7AI Score
EPSS
Moderate: idm:DL1 and idm:client security update
Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): JWCrypto: denail of service Via specifically crafted JWE...
6.8CVSS
6.7AI Score
0.0004EPSS
An update is available for exempi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Exempi provides a library for easy parsing of XMP metadata. Security...
6.5CVSS
6.7AI Score
0.001EPSS
Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.3). (Rocky Linux-37446) Security Fix(es): ruby: Buffer overread...
6.3AI Score
EPSS
Moderate: perl-Convert-ASN1 security update
Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fix(es): perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input (CVE-2013-7488) For more details about the security issue(s), including the impact, a CVSS score,...
7.5CVSS
6.6AI Score
0.009EPSS
An update is available for ghostscript. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Ghostscript suite contains utilities for rendering PostScript and...
5.5CVSS
6.8AI Score
0.001EPSS
An update is available for LibRaw. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibRaw is a library for reading RAW files obtained from digital photo cameras....
7.8CVSS
7.1AI Score
0.001EPSS
Important: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19....
6.3CVSS
6.3AI Score
0.0005EPSS
Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5....
6.3CVSS
6.3AI Score
0.0005EPSS
An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
6.3CVSS
6.9AI Score
0.0005EPSS
Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...
7.5CVSS
6.4AI Score
0.001EPSS
Moderate: mutt security update
Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix(es): mutt: null pointer dereference (CVE-2023-4874) mutt: null pointer dereference...
6.5CVSS
6.4AI Score
0.001EPSS
An update is available for tigervnc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing (VNC) is a remote display system which allows...
7.8CVSS
7.8AI Score
0.0005EPSS
Moderate: pki-core:10.6 and pki-deps:10.6 security update
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix(es): jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) For more details about the security issue(s),...
7.5CVSS
7AI Score
0.002EPSS
python39:3.9 and python39-devel:3.9 security update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...
8.1CVSS
7.1AI Score
0.005EPSS
Important: tomcat security and bug fix update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es): Rebase tomcat to...
6.6AI Score
0.0004EPSS
Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
5.5AI Score
0.0004EPSS
An update is available for pmix. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Process Management Interface (PMI) provides process management functions...
8.1CVSS
6.6AI Score
0.001EPSS
Important: idm:DL1 security update
Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): CVE-2024-2698 freeipa: delegation rules allow a proxy service to...
8.1CVSS
8.2AI Score
0.0004EPSS
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) grafana: vulnerable to authorization bypass (CVE-2024-1313) For...
7.5CVSS
7.2AI Score
0.0005EPSS
Important: tigervnc security update
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients....
7.8CVSS
7.8AI Score
0.0005EPSS
Moderate: exempi security update
Exempi provides a library for easy parsing of XMP metadata. Security Fix(es): exempi: denial of service via opening of crafted audio file with ID3V2 frame (CVE-2020-18651) exempi: denial of service via opening of crafted webp file (CVE-2020-18652) For more details about the security...
6.5CVSS
6.6AI Score
0.001EPSS
Moderate: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox:...
7.5AI Score
0.0004EPSS