Lucene search
K

6423 matches found

OSV
OSV
added 2023/05/16 12:0 a.m.35 views

ALSA-2023:2860 Moderate: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

7.5CVSS8AI score0.02453EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 12:0 a.m.31 views

ALSA-2023:2830 Moderate: tigervnc security and bug fix update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

8.8CVSS8.7AI score0.02685EPSS
Exploits0References14
OSV
OSV
added 2023/05/16 12:0 a.m.22 views

ALSA-2023:3068 Important: mingw-expat security update

Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Security Fixes: expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS7.9AI score0.01659EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.35 views

ALSA-2023:2785 Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 For...

7.5CVSS7.6AI score0.02513EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.30 views

ALSA-2023:3000 Moderate: dhcp security and bug fix update

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

6.5CVSS7.1AI score0.00664EPSS
Exploits0References6
OSV
OSV
added 2023/05/16 12:0 a.m.20 views

ALSA-2023:2948 Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

7.8CVSS7.4AI score0.00658EPSS
Exploits4References4
OSV
OSV
added 2023/05/16 12:0 a.m.33 views

ALSA-2023:2834 Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

8.8CVSS9AI score0.34574EPSS
Exploits2References46
OSV
OSV
added 2023/05/16 12:0 a.m.30 views

ALSA-2023:3108 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS9.1AI score0.27076EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.35 views

ALSA-2023:2951 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564...

8.8CVSS9.1AI score0.03763EPSS
Exploits17References80
OSV
OSV
added 2023/05/16 12:0 a.m.37 views

ALSA-2023:2757 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7.8CVSS7.7AI score0.05552EPSS
Exploits1References16
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.27 views

Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7AI score0.00577EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.43 views

Moderate: python38:3.8 and python38-devel:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

7.5CVSS6.7AI score0.03213EPSS
Exploits1References8
OSV
OSV
added 2023/05/16 12:0 a.m.14 views

ALSA-2023:2863 Moderate: ctags security update

Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7.6AI score0.00577EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 12:0 a.m.27 views

ALSA-2023:3104 Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Regression of CVE-2023-28617 fixes in the AlmaLinux CVE-2023-2491 For more details about t...

7.8CVSS7.8AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.37 views

ALSA-2023:2771 Moderate: unbound security and bug fix update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.7AI score0.01259EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.25 views

ALSA-2023:3042 Moderate: emacs security and bug fix update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: ctags local command execution vulnerability CVE-2022-45939 For more details about the...

7.8CVSS7.8AI score0.00635EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.26 views

ALSA-2023:2867 Moderate: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...

5.5CVSS5.7AI score0.0048EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 12:0 a.m.13 views

ALSA-2023:3107 Important: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

7.5CVSS7.4AI score0.01581EPSS
Exploits0References4
OSV
OSV
added 2023/05/16 12:0 a.m.47 views

ALSA-2023:3087 Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

7.5CVSS6.4AI score0.43131EPSS
Exploits0References76
OSV
OSV
added 2023/05/16 12:0 a.m.41 views

ALSA-2023:2866 Moderate: git-lfs security and bug fix update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...

7.5CVSS7.1AI score0.05623EPSS
Exploits1References8
Rows per page
Query Builder