Important: Red Hat Security Advisory: valkey security update

An update for valkey is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Microsoft Service Fabric 安全漏洞

Microsoft Service Fabric is a set of distributed system platforms from Microsoft USA. The platform is primarily used for packaging, deploying, and managing microservices, containers, and so on. A security vulnerability exists in Microsoft Service Fabric. An attacker exploiting this vulnerability...

Debian DSA-4931-1 : xen - security update

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service or information leaks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4931. The...

Debian DSA-4868-1 : flatpak - security update

Anton Lydike discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed via a malicious .desktop file. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

Debian DSA-4866-1 : thunderbird - security update

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4866. The text itself ...

Debian DSA-4852-1 : openvswitch - security update

Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

Debian DSA-4822-1 : p11-kit - security update

David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS11 modules. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4822. Th...

Debian DSA-4820-1 : horizon - security update

Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4820. The text itself is copyright C Software in the Public Interest, Inc...

Debian DSA-4800-1 : libproxy - security update

Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could result in denial of service, or possibly, execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...

Debian DSA-4782-1 : openldap - security update

A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service slapd daemon crash via a specially crafted packet. C Tenab...

Debian DSA-4776-1 : mariadb-10.3 - security update

A security issue was discovered in the MariaDB database server. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4776. The text itself is copyright C Software in the Public Interest, Inc. include"compat.inc"; ...

Debian DSA-4765-1 : modsecurity - security update

Ervin Hegedues discovered that ModSecurity v3 enabled global regular expression matching which could result in denial of service. For additional information please refer to https://coreruleset.org/20200914/cve-2020-15598/ C Tenable Network Security, Inc. The descriptive text and package checks in...

Debian DSA-4610-1 : webkit2gtk - security update

The following vulnerabilities have been discovered in the webkit2gtk web engine : - CVE-2019-8835 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8844 William Bowling discovered that maliciously crafted web content may lead ...

CVE-2005-4791

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LDLIBRARYPATH, which might allow local users to execute arbitrary code via 1 liferea or 2 banshee...

Debian DSA-4486-1 : openjdk-11 - security update

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised. C Tenable Network Security, Inc. The descriptive text a...