Lucene search
K

40 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in dpkg

In dpkg, the Debian package management system, versions prior to 1.21.8, 1.20.10, 1.19.8, and 1.18.26 are vulnerable to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include debian.tar, the in-place extraction process may...

9.8CVSS7.3AI score0.02871EPSS
Exploits0References2
OSV
OSV
added 2025/06/17 3:15 p.m.8 views

AZL-64227 CVE-2025-49180 affecting package xorg-x11-server for versions less than 1.20.10-16

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate...

7.8CVSS6.5AI score0.00279EPSS
Exploits0References1
OSV
OSV
added 2025/06/17 3:15 p.m.6 views

AZL-64196 CVE-2025-49176 affecting package xorg-x11-server 1.20.10-6

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check...

7.3CVSS6.5AI score0.00306EPSS
Exploits0References1
OSV
OSV
added 2025/06/17 3:15 p.m.5 views

AZL-64235 CVE-2025-49175 affecting package xorg-x11-server for versions less than 1.20.10-16

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS7.1AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:59 a.m.8 views

CVE-2023-46653

Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level, potentially resulting in its exposure...

6.5CVSS6.8AI score0.00363EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/03/10 3:8 p.m.11 views

CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15

CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15. A patched version of the package is available...

7.8CVSS6.9AI score0.00399EPSS
Exploits0
OSV
OSV
added 2025/02/25 4:15 p.m.12 views

AZL-57404 CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2025/02/25 4:15 p.m.14 views

AZL-57479 CVE-2025-26597 affecting package xorg-x11-server for versions less than 1.20.10-15

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

7.8CVSS7.4AI score0.00485EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2024/11/19 9:24 p.m.13 views

CVE-2024-9632 affecting package xorg-x11-server for versions less than 1.20.10-13

CVE-2024-9632 affecting package xorg-x11-server for versions less than 1.20.10-13. A patched version of the package is available...

7.8CVSS6.9AI score0.00894EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/11/13 9:13 a.m.22 views

CVE-2023-39318 affecting package golang for versions less than 1.20.10-1

CVE-2023-39318 affecting package golang for versions less than 1.20.10-1. A patched version of the package is available...

6.1CVSS6.5AI score0.00815EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/08/18 2:44 p.m.15 views

CVE-2024-31080 affecting package xorg-x11-server for versions less than 1.20.10-11

CVE-2024-31080 affecting package xorg-x11-server for versions less than 1.20.10-11. A patched version of the package is available...

7.3CVSS7.8AI score0.00513EPSS
Exploits0
OSV
OSV
added 2024/04/05 12:15 p.m.6 views

AZL-44382 CVE-2024-31083 affecting package xorg-x11-server 1.20.10-6

A use-after-free vulnerability was found in the ProcRenderAddGlyphs function of Xorg servers. This issue occurs when AllocateGlyph is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently,...

7.8CVSS7.6AI score0.01843EPSS
Exploits0References1
OSV
OSV
added 2024/04/04 2:15 p.m.8 views

AZL-39349 CVE-2024-31080 affecting package xorg-x11-server for versions less than 1.20.10-11

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

7.3CVSS7AI score0.00513EPSS
Exploits0References1
OSV
OSV
added 2024/01/18 4:15 p.m.6 views

AZL-33352 CVE-2024-0408 affecting package xorg-x11-server for versions less than 1.20.10-14

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...

5.5CVSS6.7AI score0.00321EPSS
Exploits0References1
OSV
OSV
added 2024/01/18 4:15 p.m.9 views

AZL-33351 CVE-2024-0409 affecting package xorg-x11-server for versions less than 1.20.10-12

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context...

7.8CVSS7.2AI score0.00356EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2023/12/13 12:0 a.m.43 views

skopeo security update

2:1.13.3-3 - Rebuild with golang 1.20.10 - Related: Jira:RHEL-2786 2:1.13.3-2 - Rebuild with golang 1.21.3 - Related: Jira:RHEL-2786...

7.5CVSS7.3AI score0.01328EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.15 views

PT-2023-7932

Name of the Vulnerable Software and Affected Versions Go versions 1.21.3 and earlier, 1.20.10 and earlier Description The issue is related to the IsLocal function not correctly detecting reserved device names in some cases on Windows. Specifically, reserved names followed by spaces, such as "COM1...

9.8CVSS8.3AI score0.99999EPSS
Exploits23References82
OSV
OSV
added 2023/10/25 6:32 p.m.19 views

GHSA-HPV3-F5P7-PXJ9 Jenkins lambdatest-automation Plugin may expose Credentials access token

Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level. This can result in accidental exposure of the token through the default system log. lambdatest-automation Plugin 1.21.0 no longer logs LAMBDATEST Credentials access token...

2.7CVSS6.7AI score0.00363EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.4 views

Jenkins Plugin lambdatest-automation Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is an application software. A security vulnerability...

6.5CVSS6.7AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.72 views

Amazon Linux 2 : golang (ALAS-2023-2313)

The version of golang installed on the remote host is prior to 1.20.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2313 advisory. 2024-01-03: CVE-2023-39319 was added to this advisory. 2023-10-30: CVE-2023-39318 was added to this advisory. The...

8.1CVSS7.6AI score0.99999EPSS
Exploits19References12
Rows per page
Query Builder