Lucene search
K

72 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/07 12:0 a.m.40 views

openSUSE Security Update : libssh2_org (openSUSE-2020-2126)

This update for libssh2org fixes the following issues : - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading ...

9.3CVSS7.6AI score0.09219EPSS
Exploits1References12
OPENSUSE Linux
OPENSUSE Linux
added 2020/12/04 12:0 a.m.35 views

Security update for neomutt (moderate)

openSUSE Security Update: Security update for neomutt Announcement ID: openSUSE-SU-2020:2157-1 Rating: moderate References: 1172906 1172935 1173197 1179035 1179113 Cross-References: CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 CVE-2020-28896 Affected Products: openSUSE Backports SLE-15-SP1 An...

5.9CVSS6.5AI score0.02323EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/12/03 12:0 a.m.49 views

openSUSE Security Update : libssh2_org (openSUSE-2020-2129)

This update for libssh2org fixes the following issues : - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading ...

9.3CVSS7.6AI score0.09219EPSS
Exploits1References12
OSV
OSV
added 2020/11/07 9:55 a.m.7 views

OPENSUSE-SU-2020:1868-1 Security update for salt

This update for salt fixes the following issues: - Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string bsc1178485 - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490,...

9.8CVSS7.5AI score0.99585EPSS
Exploits5References14
Github Security Blog
Github Security Blog
added 2020/07/30 2:58 p.m.47 views

False-positive validity for NFT1 genesis transactions

Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...

7.5CVSS0.9AI score0.01036EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/07/30 2:58 p.m.27 views

GHSA-CC2P-4JHR-XHHX False-positive validity for NFT1 genesis transactions in SLPJS

Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...

7.5CVSS7.5AI score0.01036EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2020/07/30 2:58 p.m.48 views

False-positive validity for NFT1 genesis transactions in SLPJS

Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...

7.5CVSS0.8AI score0.01036EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.259 views

openSUSE Security Update : ruby2.5 (openSUSE-2020-395)

This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...

8.1CVSS6.9AI score0.29726EPSS
Exploits8References14
OpenVAS
OpenVAS
added 2020/03/29 12:0 a.m.53 views

openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.4AI score0.29726EPSS
Exploits8References2
OSV
OSV
added 2020/03/28 5:16 p.m.10 views

OPENSUSE-SU-2020:0395-1 Recommended update for ruby2.5

This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...

8.1CVSS6.9AI score0.29726EPSS
Exploits8References15
OPENSUSE Linux
OPENSUSE Linux
added 2020/03/28 12:0 a.m.290 views

Recommended update for ruby2.5 (important)

openSUSE Security Update: Recommended update for ruby2.5 Announcement ID: openSUSE-SU-2020:0395-1 Rating: important References: 1140844 1152990 1152992 1152994 1152995 1162396 1164804 Cross-References: CVE-2012-6708 CVE-2015-9251 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255...

8.1CVSS6.8AI score0.29726EPSS
Exploits8References7
OSV
OSV
added 2020/03/24 2:52 p.m.8 views

SUSE-SU-2020:0762-1 Security Beta update for Salt

This update fixes the following issues: salt: - Requiring python3-distro only for openSUSE/SLE = 15 - Use full option name instead of undocumented abbreviation for zypper - Python-distro is only needed for Python 3.7. Removing it for Python 2 - Fixed a local privilege escalation to root bsc115746...

8.4CVSS9.3AI score0.00386EPSS
Exploits0References7
OSV
OSV
added 2020/03/20 12:47 p.m.7 views

SUSE-SU-2020:0737-1 Recommended update for ruby2.5

This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...

8.1CVSS7.2AI score0.29726EPSS
Exploits8References15
Tenable Nessus
Tenable Nessus
added 2020/03/19 12:0 a.m.61 views

openSUSE Security Update : salt (openSUSE-2020-357)

This update for salt fixes the following issues : - Avoid possible user escalation upgrading salt-master bsc1157465 CVE-2019-18897 - Fix unit tests failures in testbatchasync tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...

9.8CVSS8.2AI score0.15106EPSS
Exploits0References11
OSV
OSV
added 2020/03/13 12:42 p.m.9 views

SUSE-SU-2020:0684-1 Security update for salt

This update for salt fixes the following issues: - Avoid possible user escalation upgrading salt-master bsc1157465 CVE-2019-18897 - Fix unit tests failures in testbatchasync tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...

9.8CVSS9.2AI score0.15106EPSS
Exploits0References12
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.42 views

qt5-qtbase security and bug fix update

qt5-qtbase 5.11-1-7 - Move libQt5EglFSDeviceIntegration lib out of the -devel subpkg Resolves: bz1692970 - Fix QImage allocaion failure Resolve: bz1667860 - Fix double free in QXmlStreamReader Resolve: bz1667858 - Fix segmentation fault on malformed BMP file Resolve: bz1667859 5.11.1-6 - Create a...

9.8CVSS0.8AI score0.03382EPSS
Exploits0
Friends Of PHP
Friends Of PHP
added 2019/07/01 12:55 p.m.42 views

XXE Vulnerability

This is: - a bugfix - a new feature - X security Checklist: - X Changes are covered by unit tests - X Code style is respected - X Commit message explains why the change is made see https://github.com/erlang/otp/wiki/Writing-good-commit-messages - X CHANGELOG.md contains a short summary of the...

8.8CVSS8.7AI score0.0135EPSS
Exploits1Affected Software1
Fedora
Fedora
added 2019/04/22 5:11 a.m.17 views

[SECURITY] Fedora 29 Update: meson-0.50.0-4.fc29

Meson is a build system designed to optimize programmer productivity. It aims to do this by providing simple, out-of-the-box support for modern software development tools and practices, such as unit tests, coverage reports, Valgrind, CCache and the like...

2.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2018/06/24 10:29 p.m.20 views

CVE-2018-12713

GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimpwriteandreadfile function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was...

9.1CVSS6.8AI score0.01947EPSS
Exploits0References1
Fedora
Fedora
added 2018/06/16 8:20 p.m.34 views

[SECURITY] Fedora 28 Update: nodejs-JSV-4.0.2-12.fc28

JSV is a JavaScript implementation of a extendable, fully compliant JSON Schema validator with the following features: The fastest extendable JSON validator available! Complete implementation of all current JSON Schema draft revisions. Supports creating individual environments sandboxes that...

6.8CVSS1.1AI score0.01342EPSS
Exploits1
Rows per page
Query Builder