
34 matches found

IBM Security Bulletins
added 2025/12/09 9:3 p.m., 7 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in the corosync library. (CVE-2025-30472)

Summary: If encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. Note, this vulnerability has been fixed in Corosync 3.1.7-3 for Db2 11.5.9 and Corosync 3.1.8-6 for Db2 12.1.2 and late...

9.8 CVSS, 7 AI score, 0.00433 EPSS
Exploits 1, Affected Software 1

OSV
added 2025/10/04 12:11 a.m., 3 views

RLSA-2025:7201 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orf_token_endian_convert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.6 CVSS, 6.9 AI score, 0.00433 EPSS
Exploits 1, References 2

Rockylinux
added 2025/10/03 7:56 p.m., 3 views

corosync security update

An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The corosync packages provide the Corosync Cluster Engine and C APIs for...

9.8 CVSS, 7.3 AI score, 0.00433 EPSS
Exploits 1

OpenVAS
added 2025/09/23 12:0 a.m., 5 views

Debian: Security Advisory (DLA-4308-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 6.8 AI score, 0.00433 EPSS
Exploits 1, References 2

Debian
added 2025/09/22 9:29 p.m., 3 views

[SECURITY] [DLA 4308-1] corosync security update

Debian LTS Advisory DLA-4308-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 22, 2025 https://wiki.debian.org/LTS -...

9.8 CVSS, 7.2 AI score, 0.00433 EPSS
Exploits 1

Tenable Nessus
added 2025/07/03 12:0 a.m., 10 views

AlmaLinux 9 : corosync (ALSA-2025:7201)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7201 advisory. corosync: Stack buffer overflow from 'orf_token_endian_convert' CVE-2025-30472 Tenable has extracted the preceding description block directly from the AlmaLinux...

9.8 CVSS, 7.2 AI score, 0.00433 EPSS
Exploits 1, References 3

Tenable Nessus
added 2025/07/02 12:0 a.m., 5 views

Oracle Linux 10 : corosync (ELSA-2025-7478)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7478 advisory. 3.1.9-1.1 - Resolves: RHEL-84612 - totemsrp: Check size of orf_token msg fixes CVE-2025-30472 Tenable has extracted the preceding description block directly fro...

9.8 CVSS, 6.9 AI score, 0.00433 EPSS
Exploits 1, References 2

IBM Security Bulletins
added 2025/06/28 12:8 a.m., 5 views

Security Bulletin: Due to use of Corosync, IBM MQ is vulnerable to a stack-based buffer overflow

Summary: Corosync is used by IBM MQ as part of the RDQM component CVE-2025-30472 Vulnerability Details CVEID: CVE-2025-30472 DESCRIPTION: Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in...

9.8 CVSS, 8.2 AI score, 0.00433 EPSS
Exploits 1, Affected Software 1

Tenable Nessus
added 2025/06/05 12:0 a.m., 10 views

RHEL 10 : corosync (RHSA-2025:7478)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7478 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosync: Stack...

9.8 CVSS, 7.2 AI score, 0.00433 EPSS
Exploits 1, References 5

Tenable Nessus
added 2025/05/27 12:0 a.m., 13 views

RHEL 9 : corosync (RHSA-2025:7201)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7201 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosync: Stack...

9.8 CVSS, 7.2 AI score, 0.00433 EPSS
Exploits 1, References 7

OpenVAS
added 2025/05/26 12:0 a.m., 5 views

Fedora: Security Advisory (FEDORA-2025-c55f39aeb3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 9.6 AI score, 0.00433 EPSS
Exploits 1, References 3

OpenVAS
added 2025/05/26 12:0 a.m., 3 views

Fedora: Security Advisory (FEDORA-2025-a350309ddb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 7.5 AI score, 0.00433 EPSS
Exploits 1, References 2

Tenable Nessus
added 2025/05/22 12:0 a.m., 10 views

Oracle Linux 9 : corosync (ELSA-2025-7201)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7201 advisory. - totemsrp: Check size of orf_token msg fixes CVE-2025-30472 Tenable has extracted the preceding description block directly from the Oracle Linux security...

9.8 CVSS, 6.9 AI score, 0.00433 EPSS
Exploits 1, References 2

Tenable Nessus
added 2025/05/19 12:0 a.m., 16 views

Alibaba Cloud Linux 3 : 0066: corosync (ALINUX3-SA-2025:0066)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0066 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-30472: Corosync through 3.1.9, if encrypti...

9.8 CVSS, 7.2 AI score, 0.00433 EPSS
Exploits 1, References 2

RedHat Linux
added 2025/05/13 8:39 a.m., 8 views

Moderate: Red Hat Security Advisory: corosync security update

An update for corosync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8 CVSS, 6.9 AI score, 0.00433 EPSS
Exploits 1, References 4

OSV
added 2025/05/13 12:0 a.m., 7 views

ALSA-2025:7201 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orf_token_endian_convert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

9.8 CVSS, 7.3 AI score, 0.00433 EPSS
Exploits 1, References 4

OSV
added 2025/05/13 12:0 a.m., 5 views

ALSA-2025:7478 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orf_token_endian_convert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

9.8 CVSS, 8.5 AI score, 0.00433 EPSS
Exploits 1, References 4

AlmaLinux
added 2025/05/13 12:0 a.m., 7 views

Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orf_token_endian_convert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

9.8 CVSS, 7.4 AI score, 0.00433 EPSS
Exploits 1, References 4

OpenVAS
added 2025/05/06 12:0 a.m., 15 views

Ubuntu: Security Advisory (USN-7478-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 7.1 AI score, 0.00433 EPSS
Exploits 1, References 2

OpenVAS
added 2025/04/07 12:0 a.m., 8 views

Mageia: Security Advisory (MGASA-2025-0127)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 9.6 AI score, 0.00433 EPSS
Exploits 1, References 4