
5805 matches found

Tenable Nessus
added 2024/06/27 12:0 a.m. · 320 views

OpenSSL 3.0.0 < 3.0.15 Vulnerability

The version of OpenSSL installed on the remote host is prior to 3.0.15. It is, therefore, affected by a vulnerability as referenced in the 3.0.15 advisory. - Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or...

CVSS 9.1 · AI score 7.6 · EPSS 0.05582
Exploits 1 · References 3

Tenable Nessus
added 2024/06/27 12:0 a.m. · 576 views

OpenSSL 1.1.1 < 1.1.1za Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1za. It is, therefore, affected by a vulnerability as referenced in the 1.1.1za advisory. - Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or...

CVSS 9.1 · AI score 7.6 · EPSS 0.05582
Exploits 1 · References 2

Positive Technologies
added 2024/06/27 12:0 a.m. · 5 views

PT-2024-36813

Name of the Vulnerable Software and Affected Versions: CPython versions 3.9 and earlier. Description: The issue arises from configuring an empty list for SSLContext.set_npn_protocols, which is an invalid value for the underlying OpenSSL API, resulting in a buffer over-read when NPN is used. This is...

CVSS 9.4 · AI score 8 · EPSS 0.05582
Exploits 17 · References 144

Tenable Nessus
added 2024/06/27 12:0 a.m. · 208 views

OpenSSL 3.1.0 < 3.1.7 Vulnerability

The version of OpenSSL installed on the remote host is prior to 3.1.7. It is, therefore, affected by a vulnerability as referenced in the 3.1.7 advisory. - Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memor...

CVSS 9.1 · AI score 7.6 · EPSS 0.05582
Exploits 1 · References 3

Positive Technologies
added 2024/06/26 12:0 a.m. · 2 views

PT-2024-6694 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this issue, where the...

CVSS 7.1 · AI score 7.6 · EPSS 0.00423
Exploits 0 · References 9

Positive Technologies
added 2024/06/26 12:0 a.m. · 2 views

PT-2024-6610 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this, where the targ...

CVSS 5.5 · AI score 6.8 · EPSS 0.00371
Exploits 0 · References 8

CNNVD
added 2024/06/24 12:0 a.m. · 3 views

FreeRTOS-Plus-TCP Security Vulnerability

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP versions prior to 4.1.1 that stems from a buffer over-read in the DNS response parser...

CVSS 9.6 · AI score 7 · EPSS 0.00615
Exploits 0 · References 4

BDU FSTEC
added 2024/06/20 12:0 a.m. · 1 views

A vulnerability in the web interface of the firmware for Schneider Electric Sage remote lighting and energy consumption control devices allows an attacker to cause a denial of service.

The vulnerability in the web interface of the firmware for Schneider Electric Sage remote lighting and energy consumption control devices is related to reading data outside a memory buffer (out-of-bounds read). Exploiting this vulnerability can allow a malicious actor to cause service...

CVSS 5.3 · AI score 5.7 · EPSS 0.00894
Exploits 0 · References 2

OSV
added 2024/06/14 2:0 p.m. · 28 views

RLSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37697 Security Fixes: ruby: Buffer overread...

CVSS 6.6 · AI score 7.9 · EPSS 0.02364
Exploits 0 · References 4

Rockylinux
added 2024/06/14 2:0 p.m. · 38 views

ruby:3.3 security, bug fix, and enhancement update

An update is available for rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, module.rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Ruby is an...

CVSS 9.8 · AI score 7 · EPSS 0.02364
Exploits 0

OSV
added 2024/06/14 2:0 p.m. · 24 views

RLSA-2024:3668 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.1. Rocky Linux-35449 Security Fixes: ruby: Buffer overread...

CVSS 6.6 · AI score 7.9 · EPSS 0.02364
Exploits 0 · References 4

OSV
added 2024/06/14 1:59 p.m. · 17 views

RLSA-2024:3343 Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080); xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081); xorg-x11-server: Use-after-free in...

CVSS 7.8 · AI score 7.9 · EPSS 0.02027
Exploits 0 · References 4

Rockylinux
added 2024/06/14 1:59 p.m. · 24 views

xorg-x11-server-Xwayland security update

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Xwayland is an X server for running X clients under Wayland...

CVSS 7.8 · AI score 7.9 · EPSS 0.02027
Exploits 0

Rockylinux
added 2024/06/14 1:59 p.m. · 29 views

ruby:3.3 security, bug fix, and enhancement update

An update is available for module.rubygem-abrt, rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-abrt, module.ruby, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 9.8 · AI score 7 · EPSS 0.02364
Exploits 0

Rockylinux
added 2024/06/14 1:59 p.m. · 18 views

tigervnc security update

An update is available for tigervnc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Virtual Network Computing (VNC) is a remote display system which allows users ...

CVSS 7.8 · AI score 7.8 · EPSS 0.02027
Exploits 0

Rockylinux
added 2024/06/14 1:59 p.m. · 48 views

ruby:3.1 security, bug fix, and enhancement update

An update is available for module.rubygem-abrt, rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-abrt, module.ruby, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 9.8 · AI score 6 · EPSS 0.02364
Exploits 0

Rockylinux
added 2024/06/14 1:59 p.m. · 12 views

xorg-x11-server security update

An update is available for xorg-x11-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. X.Org is an open-source implementation of the X Window System. It...

CVSS 7.8 · AI score 7.3 · EPSS 0.02027
Exploits 0

OSV
added 2024/06/14 1:59 p.m. · 31 views

RLSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37446 Security Fixes: ruby: Buffer overread...

CVSS 9.8 · AI score 7.9 · EPSS 0.02364
Exploits 0 · References 4

OSV
added 2024/06/14 1:59 p.m. · 13 views

RLSA-2024:3258 Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080); xorg-x11-server:...

CVSS 7.8 · AI score 7.9 · EPSS 0.02027
Exploits 0 · References 4

OSV
added 2024/06/14 1:59 p.m. · 28 views

RLSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281); ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280)...

CVSS 9.8 · AI score 7.1 · EPSS 0.02364
Exploits 0 · References 4