Lucene search
K

6423 matches found

AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.75 views

Important: edk2 security, bug fix, and enhancement update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 edk2: integer underflow in SmmEntryPoint function...

9.8CVSS7.6AI score0.59501EPSS
Exploits0References12
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.76 views

Moderate: fwupd security and bug fix update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party shim allow secure boot bypass...

6.7CVSS7AI score0.01046EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.34 views

Moderate: device-mapper-multipath security and bug fix update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...

7.8CVSS7.5AI score0.00658EPSS
Exploits4References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.26 views

Moderate: autotrace security update

AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: heap-buffer overflow via the ReadImage at input-bmp.c CVE-2022-32323 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...

7.3CVSS7.2AI score0.00759EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.30 views

Low: lua security update

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: heap buffer overread CVE-2022-28805 For more details about the security issues,...

9.1CVSS8.7AI score0.02919EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.34 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS8.6AI score0.00934EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.34 views

Moderate: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: heap-buffer overflow when decoding the lzw compressed stream of image data CVE-2021-44648 gdk-pixbu...

8.8CVSS8.6AI score0.01891EPSS
Exploits2References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.27 views

Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer-plugins-good: Potential heap overwrite in...

7.8CVSS7.9AI score0.00465EPSS
Exploits7References16
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.34 views

Moderate: krb5 security, bug fix, and enhancement update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

9CVSS7.9AI score0.13794EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.32 views

Moderate: poppler security and bug fix update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.8CVSS7.6AI score0.00574EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.25 views

Moderate: tigervnc security and bug fix update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

8.8CVSS8.5AI score0.02685EPSS
Exploits0References14
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.56 views

Moderate: podman security and bug fix update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests...

5.3CVSS7.9AI score0.05623EPSS
Exploits1References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.63 views

Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

8.8CVSS8.9AI score0.34574EPSS
Exploits2References46
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.61 views

Moderate: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...

5.5CVSS6.1AI score0.0048EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.37 views

Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...

7.5CVSS6.6AI score0.00985EPSS
Exploits0References20
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.48 views

Moderate: libtpms security update

The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...

7.8CVSS7AI score0.05552EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.80 views

Low: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Using a Custom Cipher with NIDundef may lead to NULL encryption CVE-2022-3358 For more details...

7.5CVSS7.6AI score0.02846EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.60 views

Moderate: qemu-kvm security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. The following packages have been upgraded to a later upstream version: qemu-kvm 7.2.0...

6.5CVSS7.2AI score0.0114EPSS
Exploits1References6
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.61 views

Moderate: grafana security and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after sending GOAWAY...

7.5CVSS6.9AI score0.02513EPSS
Exploits1References12
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.28 views

Moderate: libguestfs-winsupport security update

The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine VM disk images. Security Fixes: ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 ntfs-3g: crafted NTFS image can cause heap...

7.8CVSS7.8AI score0.00504EPSS
Exploits1References12
Rows per page
Query Builder