Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

GHSA-QJRV-V6QP-X99X SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...

SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty Strings

The error rendering code from the parser would panic when handling failed parsing of queries where the error occurred when converting an empty string to a SurrealDB value. This would be the case when casting an empty string to a record, duration or datetime, as well as potentially when parsing an...

ROS-20241001-13

A vulnerability in the Botan C++ cryptographic library is related to asymmetric resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the C++ Botan cryptographic library is related to errors in parsing...

DRUPAL-CONTRIB-2024-039

This module provides Drupal with various security-hardening options, for example by emitting various configurable HTTP response headers. The module doesn't sufficiently validate input in Content Security Policy CSP violation reports. This can cause errors when a logging module e.g. dblog or syslo...

ROS-20210716-02

A vulnerability in the DICOM DCMTK library is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service Vulnerability of the library for working with DICOM DCMTK format is related to allocation of heap memory for parsing the data, b...

RLSA-2024:2985 Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

UBUNTU-CVE-2024-5458

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...

RHEL 8 : python3.11 (RHSA-2024:3062)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3062 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2024:3062 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 9 : python3.11 (RHSA-2024:2292)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2292 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Fedora 40 : llhttp / python-aiohttp (2023-f2bb9ee617)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-f2bb9ee617 advisory. python-aiohttp 3.8.6 2023-10-07 https://github.com/aio-libs/aiohttp/blob/v3.8.6/CHANGES.rst386-2023-10-07 Security bugfixes - Upgraded llhttp to v9.1.3:...

AZL-39878 CVE-2024-31950 affecting package frr for versions less than 8.5.5-1

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...

PT-2024-2303 · Unknown +1 · Inet Wireless Daemon +1

Name of the Vulnerable Software and Affected Versions: iNet wireless daemon IWD versions 2.15 and earlier Description: The issue is related to initialization problems in the p2putil.c component of the iNet wireless daemon IWD, which can cause a denial of service daemon crash or possibly have othe...

GHSA-8XFF-473H-F863 Uncaught Exception Handling Parsing Errors on Line Terminators

The span rendering would panic when handling failed parsing of queries where the error occurred on a line terminator character. Impact A client that is authorized to run queries in a SurrealDB server is able to execute a malformed query which will fail to parse on a line terminator character and...

Uncaught Exception Handling Parsing Errors on Line Terminators

The span rendering would panic when handling failed parsing of queries where the error occurred on a line terminator character. Impact A client that is authorized to run queries in a SurrealDB server is able to execute a malformed query which will fail to parse on a line terminator character and...

follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse function. When a new URL throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potential...

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...