Lucene search
K

1000 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0144: osbuild-composer bug fix, enhancement and (ALINUX3-SA-2024:0144)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0144 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-2307: A flaw was found in osbuild-composer...

6.1CVSS6.2AI score0.00188EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/13 8:36 a.m.8 views

grub2: command/gpg: Use-after-free due to hooks not being removed on module unload

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS5.9AI score0.00262EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Ensure That GPG Verification Is Configured for the Yum Repositories

Software packages may be tampered with by attackers during network transmission or local storage. If the integrity verification is not performed on the software packages, software tampered with by attackers may be installed. As a result, the server or even the entire network cluster is attacked. ...

6.7AI score
Exploits0References3
Oracle linux
Oracle linux
added 2025/03/26 12:0 a.m.91 views

container-tools:ol8 security update

aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov 2:1-82 - update vendored components -...

7.5CVSS7.2AI score0.00868EPSS
Exploits0
OSV
OSV
added 2025/03/06 1:49 p.m.11 views

SUSE-RU-2025:0800-1 Recommended update for python3-M2Crypto

This update for python3-M2Crypto fixes the following issues: - Fix spelling of BSD-2-Clause license. - Update to 0.44.0: - The real license is BSD 2-Clause, not MIT. - Remove python-M2Crypto.keyring, because PyPI broke GPG support - Build for modern python stack on SLE/Leap - require setuptools -...

5.9CVSS7.2AI score0.01727EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/19 9:13 a.m.2 views

SUSE CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS7.1AI score0.00262EPSS
Exploits0References13
SUSE Linux
SUSE Linux
added 2025/02/19 7:29 a.m.6 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References94
NVD
NVD
added 2025/02/18 8:15 p.m.10 views

CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS0.00262EPSS
Exploits0References5
OSV
OSV
added 2025/02/18 8:15 p.m.7 views

CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS7.5AI score0.00262EPSS
Exploits0References4
OSV
OSV
added 2025/02/18 8:15 p.m.2 views

DEBIAN-CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS6.7AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/18 7:26 p.m.6 views

CVE-2025-0622

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS6.9AI score0.00262EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.19 views

Oracle Linux 8 : container-tools:ol8 (ELSA-2025-1372)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1372 advisory. aardvark-dns buildah 2:1.33.12-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...

8.6CVSS7.3AI score0.00358EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2025/02/13 12:0 a.m.90 views

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.12-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/58af1cd - Resolves: RHEL-67612 cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed...

8.6CVSS7.2AI score0.00358EPSS
Exploits0
Veeam
Veeam
added 2025/02/12 12:0 a.m.16 views

How to upgrade Veeam Backup for Salesforce to version 2.1.1.

Challenge Customers who installed Veeam Backup for Salesforce 2.x on the following distros before April 2024 won't see the upgrade notification in the product due to the expiration of GPG keys and must perform the upgrade manually. CentOS 7 Red Hat Enterprise Linux 7 Oracle Linux 7 Solution...

7AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 8:14 p.m.8 views

CVE-2022-4563

A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is...

7.8CVSS6.9AI score0.00297EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 5:34 p.m.23 views

GHSA-88M4-H43F-WX84 PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext

Summary While rebuilding PMD Designer for Reproducible Builds and digging into issues, I found out that passphrase for gpg.keyname=0xD0BF1D737C9A1C22 is included in jar published to Maven Central. Details See...

9.3CVSS6.3AI score0.00315EPSS
Exploits0References8
OSV
OSV
added 2024/11/18 1:19 p.m.18 views

SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...

9.8CVSS8.2AI score0.03948EPSS
Exploits6References57
Veeam
Veeam
added 2024/11/08 12:0 a.m.19 views

Veeam Backup for Salesforce Built-In Updater Not Finding Updates

Challenge In Veeam Backup for Salesforce v1, the Updater displays no updates available despite the fact that newer versions are available. Cause The updater fails to identify new updates as being available because of an expired or incorrect GPG key used to verify package integrity. Without the...

6.9AI score
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2024/10/23 12:0 a.m.60 views

virt:kvm_utils1 security update

hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.15...

6CVSS8.1AI score0.93838EPSS
Exploits54
SUSE Linux
SUSE Linux
added 2024/10/10 4:15 a.m.2 views

Security update for libreoffice

This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...

8.1CVSS7.5AI score0.00428EPSS
Exploits0References12
Rows per page
Query Builder