Lucene search
K

6423 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.36 views

AlmaLinux 9 : thunderbird (ALSA-2023:3150)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3150 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofin...

8.8CVSS7.9AI score0.00753EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.21 views

AlmaLinux 9 : libreswan (ALSA-2023:3148)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3148 advisory. - A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto...

7.5CVSS7.5AI score0.01581EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/18 12:0 a.m.30 views

AlmaLinux 9 : firefox (ALSA-2023:3143)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3143 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofin...

8.8CVSS7.9AI score0.00753EPSS
Exploits0References8
OSV
OSV
added 2023/05/16 12:0 a.m.35 views

ALSA-2023:2951 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564...

8.8CVSS9.1AI score0.03763EPSS
Exploits17References80
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.25 views

Important: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

7.5CVSS7.1AI score0.01581EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.14 views

ALSA-2023:2863 Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7.6AI score0.00577EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 12:0 a.m.21 views

ALSA-2023:3068 Important: mingw-expat security update

Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Security Fixes: expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS7.9AI score0.01659EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.36 views

ALSA-2023:2757 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7.8CVSS7.7AI score0.05552EPSS
Exploits1References16
OSV
OSV
added 2023/05/16 12:0 a.m.32 views

ALSA-2023:2834 Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

8.8CVSS9AI score0.34574EPSS
Exploits2References46
OSV
OSV
added 2023/05/16 12:0 a.m.27 views

ALSA-2023:3104 Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Regression of CVE-2023-28617 fixes in the AlmaLinux CVE-2023-2491 For more details about t...

7.8CVSS7.8AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.23 views

ALSA-2023:3067 Moderate: autotrace security update

AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: heap-buffer overflow via the ReadImage at input-bmp.c CVE-2022-32323 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...

7.3CVSS7.2AI score0.00759EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.22 views

ALSA-2023:2883 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c CVE-2022-3627 libtiff: integer overflow in function TIFFReadRGBATileExt of the file CVE-2022-3970 For more...

8.8CVSS8.1AI score0.01237EPSS
Exploits2References6
OSV
OSV
added 2023/05/16 12:0 a.m.25 views

ALSA-2023:2806 Moderate: xorg-x11-server security and bug fix update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: buffer overflow in GetCountedString in xkb/xkb.c CVE-2022-3550 xorg-x11-server:...

8.8CVSS7.9AI score0.02685EPSS
Exploits0References20
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.34 views

Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

7.8CVSS6.6AI score0.00658EPSS
Exploits4References4
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.62 views

Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption...

7.5CVSS6.7AI score0.59501EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.68 views

Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 For...

7.5CVSS6.8AI score0.02513EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.32 views

Moderate: freeradius:3.0 security update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.49 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after sending GOAWAY...

7.5CVSS6.7AI score0.02513EPSS
Exploits1References10
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.55 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 net/ulp: use-after-free in listening ULP sockets...

8.8CVSS8AI score0.03763EPSS
Exploits17References80
OSV
OSV
added 2023/05/16 12:0 a.m.30 views

ALSA-2023:3108 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS9.1AI score0.27076EPSS
Exploits0References4
Rows per page
Query Builder