981 matches found
CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5
CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5. A patched version of the package is available...
sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
CVE-2021-44716 affecting package prometheus-node-exporter for versions less than 1.3.1-24
CVE-2021-44716 affecting package prometheus-node-exporter for versions less than 1.3.1-24. A patched version of the package is available...
Advisory ROSA-SA-2024-2336
software: hiredis 0.13.3 AXIS: ROSA-CHROME packageevrstring: hiredis-0.13.3-2.src.rpm CVE-ID: CVE-2021-32765 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: In vulnerable versions, Hiredis is vulnerable to integer overflow if provided with maliciously crafted or corrupted RESP multi-bulk protocol data. Whe...
CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6
CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6. A patched version of the package is available...
Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Arbitrary Remote Code Execution CVE-2023-42917 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...
squid34: Fix of CVE-2023-46847
CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization...
shadow-utils: possible password leak during passwd(1) change
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...
.NET 6.0 security update
6.0.124-1.0.1 - Update to .NET SDK 6.0.124 and Runtime 6.0.24 - Resolves: RHEL-14466...
Advisory ROSA-SA-2023-2225
software: pesign 116 WASP: ROSA-CHROME packageevrstring: pesign-116-1.src.rpm CVE-ID: CVE-2022-3560 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A flaw has been discovered in the design. The pesign package provides a systemd service used to run the pesign daemon. This service module runs a script to...
CVE-2023-3389 affecting package kernel for versions less than 5.15.122.1-2
CVE-2023-3389 affecting package kernel for versions less than 5.15.122.1-2. A patched version of the package is available...
Important Photon OS Security Update - PHSA-2023-3.0-0629
Updates of 'xinetd' packages of Photon OS have been released...
openssh security update
8.0p1-19 - Release bump 8.0p1-18 - Avoid remote code execution in ssh-agent PKCS11 support Resolves: CVE-2023-38408...
CVE-2023-3389 affecting package kernel 5.10.183.1-1
CVE-2023-3389 affecting package kernel 5.10.183.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-22044 vulnerabilities
Vulnerabilities for packages: openjdk...
CVE-2023-37207
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
18 security update
nodejs 1:18.14.2-3 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067...
CVE-2023-29405 vulnerabilities
Vulnerabilities for packages: falco, kind, policy-controller...
CVE-2023-33968
Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not...
CVE-2023-2251
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5...