Lucene search
K

134 matches found

Mageia
Mageia
added 2019/09/21 4:4 p.m.82 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.145 and fixes at least the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code CVE-2019-14814,...

8.8CVSS3.5AI score0.00909EPSS
Exploits3References9
Mageia
Mageia
added 2019/08/10 12:12 a.m.58 views

Updated php packages fix security vulnerabilities

Updated php packages fixes at least the following security issues: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause ...

7.1CVSS3.1AI score0.0442EPSS
Exploits2References3
Mageia
Mageia
added 2019/06/21 1:7 a.m.79 views

Updated kernel-linus packages fix security vulnerability

This kernel-linus update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map...

7.8CVSS7.2AI score0.98745EPSS
Exploits4References11
RedHat Linux
RedHat Linux
added 2019/02/28 8:19 a.m.81 views

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

4.2CVSS6.8AI score0.00522EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/12/18 12:1 p.m.125 views

Low: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

5.3CVSS6.8AI score0.02462EPSS
Exploits0References2
Mageia
Mageia
added 2018/09/14 8:41 p.m.17 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.69 and adds additional fixes for the L1TF and Spectre security issues. Other fixes in this update: all SPIINTELSPI config options have been disable to prevent a potential bios corrupting bug mga23560 For other changes in this update, see the...

2.1AI score
Exploits0References6
Mageia
Mageia
added 2018/08/19 11:24 a.m.81 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX may...

7.3CVSS7.1AI score0.08101EPSS
Exploits0References7
Mageia
Mageia
added 2018/08/12 8:39 p.m.88 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.62 and fixes at least the following security issues: Security researchers from FICORA have identified a remote denial of service attack against the Linux kernel caused by inefficient implementation of TCP segment reassembly, named "SegmentSmack". A...

7.8CVSS4.3AI score0.7354EPSS
Exploits0References7
OSV
OSV
added 2018/08/06 10:29 p.m.24 views

CVE-2017-2654

jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emai...

5.3CVSS6.7AI score0.01137EPSS
Exploits0References2
NVD
NVD
added 2018/08/06 10:29 p.m.36 views

CVE-2017-2654

jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emai...

5.3CVSS4.5AI score0.01137EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/08/06 10:0 p.m.29 views

CVE-2017-2654

jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emai...

3.7CVSS5.1AI score0.01137EPSS
Exploits0References2
Prion
Prion
added 2018/07/27 6:29 p.m.15 views

Information disclosure

jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in ra...

4.3CVSS3.9AI score0.01633EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2018/06/19 7:27 p.m.78 views

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Red Hat Ansible Engine 2.5 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.9CVSS7AI score0.03088EPSS
Exploits0References2
Mageia
Mageia
added 2018/03/30 2:21 p.m.61 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...

7.2CVSS6.9AI score0.84172EPSS
Exploits4References7
OSV
OSV
added 2018/02/23 5:14 p.m.11 views

MGASA-2018-0134 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.20 and adds KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86. Arm platorm has now also addedmitigations for Meltdown CVE-2017-5754 and Spectre, variant 2 CVE-2017-5715. For other fixes in this update, read the referenced changelogs...

5.6CVSS7AI score0.84172EPSS
Exploits10References4
Mageia
Mageia
added 2018/02/23 5:14 p.m.84 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.20 and adds KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86. Arm platorm has now also addedmitigations for Meltdown CVE-2017-5754 and Spectre, variant 2 CVE-2017-5715. For other fixes in this update, read the referenced changelogs...

5.6CVSS7AI score0.84172EPSS
Exploits10References3
Mageia
Mageia
added 2018/02/11 6:42 p.m.73 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. WireGuard has been updated to...

5.6CVSS7AI score0.93838EPSS
Exploits12References4
Mageia
Mageia
added 2017/10/24 8:9 p.m.61 views

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream 4.4.92 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netli...

7.1CVSS0.9AI score0.01155EPSS
Exploits4References5
Mageia
Mageia
added 2017/09/16 8:24 a.m.56 views

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream 4.9.50 and fixes at least the following security issues: net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX or less, which allows local use...

8.8CVSS3.7AI score0.16181EPSS
Exploits12References8
Mageia
Mageia
added 2017/09/16 8:24 a.m.47 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 4.9.50 and fixes at least the following security issues: net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX or less, which allows local users t...

8.8CVSS3.5AI score0.16181EPSS
Exploits12References8
Rows per page
Query Builder