Lucene search
+L

2751 matches found

Mageia
Mageia
added 2023/10/23 10:5 p.m.32 views

Updated libcue packages fix a security vulnerability

Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it is then automatically scanned by tracker-miners. And because it has a .c...

8.8CVSS7.5AI score0.1657EPSS
Exploits1References2
OSV
OSV
added 2023/09/30 7:15 p.m.11 views

MGASA-2023-0273 Updated quictls packages fix security vulnerabilities

The updated packages fix security vulnerabilities: AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...

5.3CVSS5.8AI score0.05533EPSS
Exploits0References8
Mageia
Mageia
added 2023/09/30 7:15 p.m.37 views

Updated flac packages fix security vulnerability

The updated packages fix a security vulnerability: Buffer Overflow vulnerability in function bitwritergrow in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. CVE-2020-22219...

7.8CVSS7.9AI score0.00742EPSS
Exploits1References3
Amazon
Amazon
added 2023/07/26 12:0 a.m.7 views

Medium: curl

Issue Overview: libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw risks inserting sensitive heap-based data into t...

7.5CVSS6.9AI score0.02489EPSS
Exploits3
Mageia
Mageia
added 2023/06/15 7:27 a.m.74 views

Updated webkit2 packages fix security vulnerability

Out-of-bounds read CVE-2023-28204 Use-after-free issue CVE-2023-32373...

8.8CVSS7.1AI score0.14292EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/25 1:6 p.m.38 views

Security Bulletin: A vulnerability in Etcd-io could affect IBM CICS TX Advanced [CVE-2021-28235]

Summary CVE-2021-28235 related to etcd package could affect IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVE. CVE-2021-28235 Vulnerability Details CVEID:CVE-2021-28235 DESCRIPTION: Etcd-io could allow a remote attacker to gain elevated privileges on the system, caused b...

9.8CVSS9.6AI score0.01605EPSS
Exploits0Affected Software1
Mageia
Mageia
added 2023/05/16 7:17 p.m.48 views

Updated golang packages fix security vulnerability

Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input...

9.8CVSS7.4AI score0.01548EPSS
Exploits0References3
Mageia
Mageia
added 2023/04/06 9:20 p.m.50 views

Updated ldb/samba packages fix security vulnerability

Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users CVE-2023-0225 Read access controlled AD LDAP attributes CVE-2023-0614 Cleartext password sending by AD DC admin tool CVE-2023-0922...

7.7CVSS5.9AI score0.00719EPSS
Exploits0References5
OSV
OSV
added 2023/03/31 12:13 a.m.5 views

MGASA-2023-0121 Updated xapian packages fix security vulnerability

Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. bdo1032398...

7.2AI score
Exploits0References3
Mageia
Mageia
added 2023/03/24 5:55 a.m.22 views

Updated libmicrohttpd packages fix security vulnerability

In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...

6.8AI score
Exploits0References2
Mageia
Mageia
added 2023/02/14 10:43 p.m.48 views

Updated webkit2 packages fix security vulnerability

Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42826 CVE-2023-23517 CVE-2023-23518...

8.8CVSS9.1AI score0.00902EPSS
Exploits0References3
OSV
OSV
added 2022/12/30 10:39 p.m.5 views

MGASA-2022-0486 Updated webkit2 packages fix security vulnerability

The updated packages fix security vulnerabilities and other issues. See references for details...

8.8CVSS7.7AI score0.34574EPSS
Exploits2References4
OSV
OSV
added 2022/12/30 10:39 p.m.5 views

MGASA-2022-0484 Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8CVSS9.3AI score0.00884EPSS
Exploits0References4
OSV
OSV
added 2022/11/13 2:25 a.m.8 views

MGASA-2022-0421 Updated webkit2 packages fix security vulnerability

The updated packages fix a security vulnerability and other issues...

8.8CVSS6.9AI score0.0141EPSS
Exploits0References4
Mageia
Mageia
added 2022/11/13 2:25 a.m.60 views

Updated nodejs packages fix security vulnerability

DNS rebinding in --inspect via invalid octal IP address CVE-2022-43548 In addition, 14.21.0 has provided the following changes: deps update corepack to 0.14.2 Node.js GitHub Bot 44775 src add --openssl-shared-config option Daniel Bevenius 43124...

8.1CVSS2.8AI score0.14024EPSS
Exploits0References5
Mageia
Mageia
added 2022/11/13 2:25 a.m.57 views

Updated webkit2 packages fix security vulnerability

The updated packages fix a security vulnerability and other issues...

8.8CVSS7.2AI score0.0141EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.1 views

PT-2022-37581 · Mageia · Bluez

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue pertains to security vulnerabilities for which updated packages provide additional fixes. Details can be found in the references. Recommendations: At the moment, there is no...

7.2AI score
Exploits0References5
OSV
OSV
added 2022/11/01 10:58 p.m.6 views

MGASA-2022-0404 Updated libksba packages fix security vulnerability

Integer Overflow in LibKSBA. CVE-2022-3515...

9.8CVSS9.5AI score0.01635EPSS
Exploits1References3
Mageia
Mageia
added 2022/10/13 8:5 p.m.16 views

Updated libofx packages fix security vulnerability

The updated packages fix memory issues in libofx. rhbz2127755...

2.1AI score
Exploits0References6
Mageia
Mageia
added 2022/09/21 6:15 p.m.102 views

Updated firefox packages fix security vulnerabilities

When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead CVE-2022-40956. By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus...

8.8CVSS1.5AI score0.01342EPSS
Exploits0References5
Rows per page
Query Builder