Lucene search
K

6423 matches found

OSV
OSV
added 2023/11/07 12:0 a.m.16 views

ALSA-2023:6497 Moderate: libX11 security update

The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow CVE-2023-3138 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.9AI score0.01656EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.29 views

ALSA-2023:6523 Moderate: python-tornado security update

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations CVE-2023-28370 For more details...

6.1CVSS6.5AI score0.01132EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.28 views

ALSA-2023:6621 Moderate: protobuf-c security update

The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmember CVE-2022-48468 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, ref...

5.5CVSS6.3AI score0.00366EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.30 views

ALSA-2023:6524 Moderate: dnsmasq security and bug fix update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 CVE-2023-28450 For more details about the security issues,...

7.5CVSS7.7AI score0.01334EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.27 views

ALSA-2023:6542 Moderate: perl-HTTP-Tiny security update

HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...

8.1CVSS7.6AI score0.01742EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.45 views

ALSA-2023:6402 Moderate: containernetworking-plugins security and bug fix update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

9.8CVSS7.5AI score0.04561EPSS
Exploits0References22
OSV
OSV
added 2023/11/07 12:0 a.m.29 views

ALSA-2023:6508 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS6.9AI score0.65692EPSS
Exploits2References10
OSV
OSV
added 2023/11/07 12:0 a.m.28 views

ALSA-2023:6569 Moderate: sysstat security and bug fix update

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: checkoverflow function can work incorrectly, which could lead to an overflow CVE-2023-33204 For more details about the security...

7.8CVSS7.5AI score0.00327EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 12:0 a.m.47 views

ALSA-2023:6679 Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: TELNET option IAC injection CVE-2023-27533 curl: SFTP...

9.8CVSS7.6AI score0.02195EPSS
Exploits4References10
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.36 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS7.2AI score0.65692EPSS
Exploits2References10
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.33 views

Moderate: libmicrohttpd security update

GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

5.9CVSS7.1AI score0.01243EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.31 views

Low: gmp security and enhancement update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...

7.5CVSS7.7AI score0.03425EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.39 views

Moderate: ncurses security and bug fix update

The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...

7.8CVSS7.3AI score0.00923EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.27 views

Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...

7.8CVSS7.7AI score0.00424EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.44 views

Moderate: qt5 security and bug fix update

Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation CVE-2023-34410 qtbase: buffer overflow in...

7.5CVSS7.7AI score0.01324EPSS
Exploits1References12
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.57 views

Moderate: flatpak security, bug fix, and enhancement update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak 1.12.8. BZ2221792 Security Fixes: flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual consol...

10CVSS7.5AI score0.00887EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.55 views

Moderate: perl-HTTP-Tiny security update

HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...

8.1CVSS7.1AI score0.01742EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.43 views

Moderate: cups security and bug fix update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap buffer overflow may lead to DoS CVE-2023-32324 cups: use-after-free in cupsdAcceptClient in scheduler/client.c CVE-2023-34241 For more details about t...

7.5CVSS7.8AI score0.01473EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.44 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: GSS delegation too eager connection re-use CVE-2023-27536 curl: TELNET option IAC injection CVE-2023-27533 curl: SFTP...

9.8CVSS7.4AI score0.02195EPSS
Exploits4References10
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.26 views

Moderate: yajl security update

Yet Another JSON Library YAJL is a small event-driven SAX-style JSON parser written in ANSI C, and a small validating JSON generator. Security Fixes: yajl: Memory leak in yajltreeparse function CVE-2023-33460 For more details about the security issues, including the impact, a CVSS score,...

6.5CVSS7.1AI score0.01129EPSS
Exploits1References4
Rows per page
Query Builder