Lucene search
K

4 matches found

OSV
OSV
added 2023/07/19 7:53 p.m.10 views

MGASA-2023-0237 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support CVE-2023-3338...

7.8CVSS7.2AI score0.08091EPSS
Exploits5References6
OSV
OSV
added 2021/02/28 11:16 p.m.6 views

MGASA-2021-0092 Updated nodejs packages fix security vulnerabilities

Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed...

7.8CVSS7.9AI score0.77385EPSS
Exploits1References6
OSV
OSV
added 2017/11/29 6:52 p.m.11 views

MGASA-2017-0429 Updated mediawiki packages fix security vulnerabilities

XSS when $wgShowExceptionDetails = false and browser sends non-standard url escaping CVE-2017-8808. Reflected File Download from api.php CVE-2017-8809. On private wikis, login form shouldn't distinguish between login failure due to bad username and bad password CVE-2017-8810. It's possible to...

9.8CVSS7.6AI score0.99999EPSS
Exploits19References3
OSV
OSV
added 2015/07/28 9:1 p.m.9 views

MGASA-2015-0294 Updated springframework package fixes security vulnerability

In Spring Framework before 3.2.14, if DTD is not entirely disabled, inline DTD declarations can be used to perform denial of service attacks known as XML bombs. Such declarations are both well-formed and valid according to XML schema rules but when parsed can cause out of memory errors. To protec...

5.5CVSS6.3AI score0.02555EPSS
Exploits0References4
Rows per page
Query Builder