
6423 matches found

OSV | added 2023/05/16 12:00 a.m. | 28 views

ALSA-2023:3018 Low: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

CVSS 9.8 | AI score 7.9 | EPSS 0.01936
Exploits: 0 | References: 4

OSV | added 2023/05/16 12:00 a.m. | 20 views

ALSA-2023:2948 Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

CVSS 7.8 | AI score 7.4 | EPSS 0.00658
Exploits: 4 | References: 4

OSV | added 2023/05/16 12:00 a.m. | 29 views

ALSA-2023:3000 Moderate: dhcp security and bug fix update

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

CVSS 6.5 | AI score 7.1 | EPSS 0.00664
Exploits: 0 | References: 6

OSV | added 2023/05/16 12:00 a.m. | 33 views

ALSA-2023:2898 Moderate: libtar security update

The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fixes: libtar: out-of-bounds read in gnulonglink CVE-2021-33643 libtar: out-of-bounds read in gnulongname...

CVSS 9.1 | AI score 7.8 | EPSS 0.01431
Exploits: 0 | References: 10

OSV | added 2023/05/16 12:00 a.m. | 35 views

ALSA-2023:2785 Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 For...

CVSS 7.5 | AI score 7.6 | EPSS 0.02513
Exploits: 0 | References: 4

OSV | added 2023/05/16 12:00 a.m. | 37 views

ALSA-2023:2771 Moderate: unbound security and bug fix update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 For more details about the security issues, including the impact, a CVSS...

CVSS 7.5 | AI score 7.7 | EPSS 0.01259
Exploits: 0 | References: 4

OSV | added 2023/05/16 12:00 a.m. | 47 views

ALSA-2023:3087 Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

CVSS 7.5 | AI score 6.4 | EPSS 0.43131
Exploits: 0 | References: 76

OSV | added 2023/05/16 12:00 a.m. | 25 views

ALSA-2023:2893 Moderate: python-mako security update

Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security Fixes: mako: REDoS in Lexer class CVE-2022-40023 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

CVSS 7.5 | AI score 7.6 | EPSS 0.01656
Exploits: 1 | References: 4

OSV | added 2023/05/16 12:00 a.m. | 30 views

ALSA-2023:2830 Moderate: tigervnc security and bug fix update

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

CVSS 8.8 | AI score 8.7 | EPSS 0.02685
Exploits: 0 | References: 14

AlmaLinux | added 2023/05/16 12:00 a.m. | 38 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c CVE-2022-3627 libtiff: integer overflow in function TIFFReadRGBATileExt of the file CVE-2022-3970 For more...

CVSS 8.8 | AI score 7.1 | EPSS 0.01237
Exploits: 2 | References: 6

AlmaLinux | added 2023/05/16 12:00 a.m. | 37 views

Moderate: libtar security update

The libtar packages contain a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Security Fixes: libtar: out-of-bounds read in gnulonglink CVE-2021-33643 libtar: out-of-bounds read in gnulongname...

CVSS 9.1 | AI score 6.6 | EPSS 0.01431
Exploits: 0 | References: 10

AlmaLinux | added 2023/05/16 12:00 a.m. | 38 views

Moderate: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...

CVSS 5.5 | AI score 6.7 | EPSS 0.0048
Exploits: 1 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 29 views

Moderate: tigervnc security and bug fix update

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

CVSS 8.8 | AI score 7 | EPSS 0.02685
Exploits: 0 | References: 14

AlmaLinux | added 2023/05/16 12:00 a.m. | 34 views

Moderate: gcc-toolset-12-binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: NULL pointer...

CVSS 5.5 | AI score 6.9 | EPSS 0.00437
Exploits: 1 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 28 views

Moderate: python-mako security update

Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security Fixes: mako: REDoS in Lexer class CVE-2022-40023 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

CVSS 7.5 | AI score 6.7 | EPSS 0.01656
Exploits: 1 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 72 views

Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

CVSS 8.8 | AI score 8 | EPSS 0.34574
Exploits: 2 | References: 46

AlmaLinux | added 2023/05/16 12:00 a.m. | 56 views

Moderate: unbound security and bug fix update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 For more details about the security issues, including the impact, a CVSS...

CVSS 7.5 | AI score 6.7 | EPSS 0.01259
Exploits: 0 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 22 views

Moderate: frr security and bug fix update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service CVE-2022-37032 For more...

CVSS 9.1 | AI score 6.7 | EPSS 0.01578
Exploits: 1 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 40 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 8.8 | AI score 6.9 | EPSS 0.00934
Exploits: 0 | References: 4

AlmaLinux | added 2023/05/16 12:00 a.m. | 27 views

Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 7.8 | AI score 7 | EPSS 0.00577
Exploits: 1 | References: 4