68 matches found
SUSE-SU-2023:3526-1 Security update for sccache
This update for sccache fixes the following issues: - Update to version 0.4.2. - CVE-2021-45710: Fixed a segmentation fault due to data race in tokio crate. bsc1194119 - CVE-2022-24713: Fixed a ReDoS issue due to vulnerable regex crate. bsc1196972 - CVE-2022-31394: Fixed a DoS issue due to the ma...
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users
Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% o...
CLSA-2023-1688676697 mysql: Fix of 21 CVEs
Update to MySQL 8.0.33 - CVEs fixed: CVE-2023-21980 CVE-2023-21947 CVE-2023-21940 CVE-2023-21976 CVE-2023-21933 CVE-2023-21911 CVE-2023-21945 CVE-2023-21966 CVE-2023-21982 CVE-2023-21946 CVE-2023-21963 CVE-2023-21913 CVE-2023-21955 CVE-2023-21962 CVE-2023-21977 CVE-2023-21953 CVE-2023-21972...
SUSE-SU-2023:2598-1 Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: golang-github-prometheus-prometheus: - Security issues fixed in this version update to 2.37.6: CVE-2022-46146: Fix basic authentication bypass vulnerability bsc1208049, jscPED-3576 CVE-2022-41715: Update our regexp...
SUSE: Security Advisory (SUSE-SU-2023:1908-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities fixed in PHP
Vulnerabilities have been fixed in PHP. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data PHP developers have released updates to...
SUSE-SU-2022:2866-2 Security update for systemd-presets-common-SUSE
This update for systemd-presets-common-SUSE fixes the following issues: - CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products bsc1199524. The following non-security bugs were fixed: - Modify branding-preset-states to fix systemd-presets-common-SU...
Vulnerabilities fixed in Oracle Supply Chain products
Oracle has fixed vulnerabilities in several products belonging to the Oracle Supply Chain Suite: Agile Engineering Data Management Agile PLM Agile Product Lifecycle Management for Process Autovue for Agile Product Lifecycle Management Product Lifecycle Analytics Transportation Management A...
GHSA-8FJ9-PJ4P-4VQ7 MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...
SUSE-SU-2022:14941-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: - CVE-2021-3448: Fixed a potential DNS cache poisoning issue due to a constant outgoing port being used when for certain use cases of the --server option bsc1183709. - CVE-2022-0934: Fixed an invalid memory access that could lead to remote denia...
SUSE-SU-2022:1050-1 Security update for SUSE Manager 4.2.5.1 Release Notes
This update for SUSE Manager 4.2.5.1 Release Notes provides the following additions: Release notes for SUSE Manager: - Update to 4.2.5.1 CVEs fixed CVE-2022-22934, CVE-2022-22935, CVE-2022-22936, CVE-2022-22941 Bugs mentioned bsc1197417...
OPENSUSE-SU-2021:3805-1 Security update for netcdf
This update for netcdf fixes the following issues: - Fixed multiple vulnerabilities in ezXML: CVE-2019-20007, CVE-2019-20006, CVE-2019-20201, CVE-2019-20202, CVE-2019-20199, CVE-2019-20200, CVE-2019-20198, CVE-2021-26221, CVE-2021-26222, CVE-2021-30485, CVE-2021-31229, CVE-2021-31347,...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2021-20377, CVE-2020-4690)
Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID: CVE-2021-20377 DESCRIPTION: IBM Security Guardium could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be...
Security Bulletin: Security vulnerabilities have been fixed in IBM Security Identity Manager (CVE-2021-29687, CVE-2021-29688)
Summary Security vulnerability has been fixed in IBM Security Identity Manager 6.0.2 Vulnerability Details CVEID: CVE-2021-29687 DESCRIPTION: IBM Security Identity Manager could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. CVSS...
MGASA-2021-0286 Updated graphicsmagick packages fix security vulnerabilities
Updated graphicsmagick packages fix security vulnerabilities: The graphicsmagick package has been updated to version 1.3.36, fixing several security issues and other bugs. See the upstream NEWS file for details...
SUSE: Security Advisory (SUSE-SU-2018:3961-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:1498-1 Security update for samba
This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldbhandlerfold bsc1183574. - CVE-2021-20254: Fixed a buffer overrun in sidstounixids bsc1184677. - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs bsc1183572. - Avoid...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in the Ubuntu kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data Increased user...
SUSE-SU-2020:3748-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of...
USN-4665-2: curl vulnerabilities
USN-4665-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to tric...