6423 matches found

AlmaLinux
added 2023/11/07 12:0 a.m., 38 views

Moderate: grafana security and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: persistent xss in grafana core plugins (CVE-2022-23552); grafana: plugin signature bypass (CVE-2022-31123); grafana: data source and plugin proxy endpoints leaking...

CVSS 8.1, AI score 7.7, EPSS 0.05623
Exploits 0, References 20
AlmaLinux
added 2023/11/07 12:0 a.m., 32 views

Moderate: python-tornado security update

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations (CVE-2023-28370). For more details...

CVSS 6.1, AI score 7.1, EPSS 0.01132
Exploits 0, References 4
AlmaLinux
added 2023/11/07 12:0 a.m., 60 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540); net/http, golang.org/x/net/http2: avoid quadrati...

CVSS 9.8, AI score 7.2, EPSS 0.04561
Exploits 0, References 24
OSV
added 2023/11/07 12:0 a.m., 42 views

ALSA-2023:6707 Moderate: avahi security update

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...

CVSS 5.5, AI score 6.2, EPSS 0.0045
Exploits 2, References 8
OSV
added 2023/11/07 12:0 a.m., 29 views

ALSA-2023:6469 Moderate: wireshark security update

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: wireshark: RTPS dissector crash (CVE-2023-0666); wireshark: IEEE C37.118 Synchrophasor dissector crash (CVE-2023-0668); wireshark: Candump log file parser cra...

CVSS 6.5, AI score 6.4, EPSS 0.02275
Exploits 6, References 14
OSV
added 2023/11/07 12:0 a.m., 49 views

ALSA-2023:6615 Moderate: python-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: memory corruption via immutable objects (CVE-2023-23931). For more details about the...

CVSS 6.5, AI score 6.8, EPSS 0.01301
Exploits 1, References 4
OSV
added 2023/11/07 12:0 a.m., 27 views

ALSA-2023:6539 Moderate: perl-CPAN security update

The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fixes: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS (CVE-2023-31484). For more details about the security issues, including the impact, a CVSS score,...

CVSS 8.1, AI score 7.1, EPSS 0.01561
Exploits 1, References 4
OSV
added 2023/11/07 12:0 a.m., 31 views

ALSA-2023:6593 Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: NULL pointer...

CVSS 5.5, AI score 6.7, EPSS 0.00437
Exploits 1, References 4
OSV
added 2023/11/07 12:0 a.m., 18 views

ALSA-2023:6482 Moderate: librabbitmq security update

The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Security Fixes: rabbitmq-c/librabbitmq: Insecure credentials submission (CVE-2023-35789). For more details about the security issue...

CVSS 5.5, AI score 5.6, EPSS 0.00214
Exploits 0, References 4
OSV
added 2023/11/07 12:0 a.m., 16 views

ALSA-2023:6341 Moderate: xorg-x11-server-Xwayland security, bug fix, and enhancement update

Xwayland is an X server for running X clients under Wayland. The following packages have been upgraded to a later upstream version: xorg-x11-server-Xwayland 22.1.9 (BZ#2158761). Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

CVSS 7.8, AI score 8.1, EPSS 0.0044
Exploits 0, References 4
OSV
added 2023/11/07 12:0 a.m., 28 views

ALSA-2023:6569 Moderate: sysstat security and bug fix update

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: check_overflow function can work incorrectly, which could lead to an overflow (CVE-2023-33204). For more details about the security...

CVSS 7.8, AI score 7.5, EPSS 0.00327
Exploits 0, References 4
AlmaLinux
added 2023/11/07 12:0 a.m., 44 views

Moderate: toolbox security and bug fix update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YA...

CVSS 9.8, AI score 7.3, EPSS 0.04561
Exploits 0, References 22
OSV
added 2023/11/07 12:0 a.m., 41 views

ALSA-2023:6595 Important: linux-firmware security, bug fix, and enhancement update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635); hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi...

CVSS 8.2, AI score 7.3, EPSS 0.0616
Exploits 1, References 14
OSV
added 2023/11/07 12:0 a.m., 29 views

ALSA-2023:6496 Moderate: haproxy security and bug fix update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests (CVE-2023-0836). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...

CVSS 7.5, AI score 7.4, EPSS 0.01201
Exploits 0, References 4
OSV
added 2023/11/07 12:0 a.m., 41 views

ALSA-2023:6635 Moderate: c-ares security, bug fix, and enhancement update

The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. The following packages have been upgraded to a later upstream version: c-ares 1.19.1 (BZ#2210370). Security Fixes: c-ares: buffer overflow in config_sortlist due to missing string length check...

CVSS 8.6, AI score 7.5, EPSS 0.01232
Exploits 1, References 10
OSV
added 2023/11/07 12:0 a.m., 37 views

ALSA-2023:6346 Moderate: toolbox security and bug fix update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YA...

CVSS 9.8, AI score 8, EPSS 0.04561
Exploits 0, References 22
OSV
added 2023/11/07 12:0 a.m., 35 views

ALSA-2023:6570 Moderate: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998); tomcat: not including the secure attribute causes information disclosure (CVE-2023-28708); tomcat: Fix for...

CVSS 7.5, AI score 7, EPSS 0.51547
Exploits 1, References 8
OSV
added 2023/11/07 12:0 a.m., 23 views

ALSA-2023:6578 Moderate: libqb security update

The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fixes: libqb: Buffer overflow in log_blackbox.c (CVE-2023-39976). For more details...

CVSS 9.8, AI score 8.3, EPSS 0.00984
Exploits 0, References 4
AlmaLinux
added 2023/11/07 12:0 a.m., 36 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: null pointer dereference in LZWDecode in libtiff/tif_lzw.c (CVE-2023-2731); libtiff: tiffcrop: null pointer dereference in TIFFClose (CVE-2023-3316); libtiff: memory leak in...

CVSS 6.5, AI score 7.1, EPSS 0.01124
Exploits 4, References 12
OSV
added 2023/11/07 12:0 a.m., 13 views

ALSA-2023:6566 Moderate: libmicrohttpd security update

GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS (CVE-2023-27371). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

CVSS 5.9, AI score 5.9, EPSS 0.01243
Exploits 1, References 4