Lucene search
K

42 matches found

OSV
OSV
added 2023/01/16 10:0 p.m.5 views

CLSA-2023-1673906443 rpm: Fix of CVE-2021-35938

CVE-2021-35938: drop the patch and following descriptor leak fix because these patches breaks non-root source package installation and can't be relied on without backporting a lot of the surrounding upstream code...

6.7CVSS6.8AI score0.00491EPSS
Exploits1References1
OSV
OSV
added 2022/11/24 4:58 p.m.4 views

CLSA-2022-1669309108 Fix CVE(s): CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619

Backport upstream releases 8u352 to 16.04 LTS Security fixes in 8u352: - JDK-8282252: Improve BigInteger/Decimal validation - JDK-8285662: Better permission resolution - JDK-8286511: Improve macro allocation - JDK-8286519: Better memory handling - JDK-8286526, CVE-2022-21619: Improve NTLM support...

5.3CVSS6.4AI score0.02376EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 8:13 p.m.6 views

CLSA-2022-1659643989 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21541, CVE-2022-21540, CVE-2022-34169

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic - Update tzdata requirement to 2022a to match...

7.5CVSS6.8AI score0.17673EPSS
Exploits2References1
OSV
OSV
added 2022/06/02 12:56 p.m.4 views

CLSA-2022-1654174568 Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21496, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21434

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...

7.5CVSS6.9AI score0.04046EPSS
Exploits0References1
OSV
OSV
added 2022/05/25 7:31 p.m.12 views

CLSA-2022-1653507078 Fixed of 5 CVEs in java-1.8.0-openjdk

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...

7.5CVSS6.9AI score0.04046EPSS
Exploits0References1
OSV
OSV
added 2022/01/08 12:22 a.m.17 views

GHSA-GF8Q-JRPM-JVXQ URL parsing in node-forge could lead to undesired behavior.

Impact The regex used for the forge.util.parseUrl API would not properly parse certain inputs resulting in a parsed data structure that could lead to undesired behavior. Patches forge.util.parseUrl and other very old related URL APIs were removed in 1.0.0 in favor of letting applications use the...

6.1CVSS6.4AI score0.00832EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2021/04/21 12:0 a.m.192 views

java-1.8.0-openjdk security update

1:1.8.0.292.b10-0 - Update to aarch64-shenandoah-jdk8u292-b10 GA - Update release notes for 8u292-b10. - Update tarball generation script to use PR3822 which handles JDK-8233228 & JDK-8035166 changes - Remove RH1868759 patch as this is now resolved upstream by JDK-8258833. - Re-organise S/390...

5.3CVSS0.03566EPSS
Exploits0
Oracle linux
Oracle linux
added 2020/12/22 12:0 a.m.76 views

go-toolset:ol8 security update

delve 1.4.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.4.1-1 - Rebase to 1.4.1 - Resolves: rhbz1821281 - Related: rhbz1820596 1.4.0-2 - Change i686 to a better macro - Related: rhbz1820596 1.4.0-1 - Rebase to 1.4.0 - Remove Patch1781 - Related: rhbz1820596 1.3.2-3 -...

7.5CVSS1.2AI score0.03813EPSS
Exploits2
Oracle linux
Oracle linux
added 2020/06/11 12:0 a.m.37 views

.NET Core 3.1 on Red Hat Enterprise Linux 8 security update

3.1.105-2.0.1.el82 - Update patch to support 8.2 [email protected] - support OL release scheme [email protected] 3.1.105-2 - Remove incorrectly installed files - Resolves: RHBZ1844515 3.1.105-1 - Update to .NET Core Runtime 3.1.5 and SDK 3.1.105 - Resolves: RHBZ1844515...

7.5CVSS0.9AI score0.11684EPSS
Exploits0
OSV
OSV
added 2017/07/07 9:23 a.m.13 views

SUSE-SU-2017:1815-1 Recommended update for ncurses

This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmtentry function. bsc1046858 - CVE-2017-10685: Possible RCE with format string vulnerability in the fmtentry function. bsc1046853 Bugfixes: - Drop patc...

9.8CVSS9.8AI score0.04876EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/06/01 12:0 a.m.25 views

openSUSE Security Update : docker (openSUSE-2016-643)

This update for docker fixes the following issues : Security issues fixed : - CVE-2016-3697: Potential privilege escalation via confusion of usernames and UIDs boo976777 Bugs fixed : - devicemapper: fix zero-sized field access - remove docker-netns-aarch64.patch: This patch was adding We'll fix...

7.8CVSS7.2AI score0.00388EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2014/07/20 12:0 a.m.53 views

java-1.6.0-openjdk security update

1:1.6.0.1-6.1.13.3 - updated to icedtea 1.13.3 - updated to openjdk-6-src-b31-15apr2014 - renmoved upstreamed patch7, 1.13fixes.patch - renmoved upstreamed patch9, 1051245.patch - Resolves: rhbz1099563...

10CVSS2.4AI score0.07571EPSS
Exploits0
Oracle linux
Oracle linux
added 2013/10/21 12:0 a.m.67 views

java-1.7.0-openjdk security update

1.7.0.45-2.4.3.1.0.1.el510 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.45-2.4.3.1.el5 - Updated to icedtea 2.4.3 - Resolves: rhbz1017623 1.7.0.45-2.4.3.0.el5 - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12:...

10CVSS1.9AI score0.24738EPSS
Exploits0
Oracle linux
Oracle linux
added 2013/07/30 12:0 a.m.32 views

sos security update

1.7-9.62.0.1.el59.1 - add patch to remove all sysrq echo commands from sysreport.legacy John Sobecki orabug 11061754 - comment out rh-upload-core and README.rh-upload-core in specfile 1.7-9.62.el59.1 - Remove anaconda-ks.cfg collection from general plug-in Resolves: bz965807 1.7-9.62.el59 - Elide...

4.3CVSS6.5AI score0.01429EPSS
Exploits0
Oracle linux
Oracle linux
added 2013/02/20 12:0 a.m.46 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.35.1.11.8.0.1.el59 - Add oracle-enterprise.patch 1:1.6.0.0-1.35.1.11.8 - Rebuild with updated source tarball - Resolves: rhbz911522 1:1.6.0.0-1.34.1.11.8 - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.pat...

10CVSS2.4AI score0.35584EPSS
Exploits1
Oracle linux
Oracle linux
added 2013/02/08 12:0 a.m.58 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.54.1.11.6 - removed patch8 revertTwoWrongSecurityPatches2013-02-06.patch - added patch8: 7201064.patch to be reverted - added patch9: 8005615.patch to fix the 6664509.patch - Resolves: rhbz906707 1:1.6.0.0-1.53.1.11.6 - added patch8 revertTwoWrongSecurityPatches2013-02-06.patch to...

10CVSS3.1AI score0.08087EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2012/06/18 12:0 a.m.36 views

Fedora 16 : java-1.6.0-openjdk-1.6.0.0-67.1.11.3.fc16 (2012-9545)

Security fixes S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel...

10CVSS8AI score0.93688EPSS
Exploits9References1
Oracle linux
Oracle linux
added 2012/02/15 12:0 a.m.56 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.43.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception...

10CVSS0.2AI score0.98113EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2011/01/10 12:0 a.m.28 views

Fedora 14 : evince-2.32.0-3.fc14 (2011-0208)

Thu Jan 6 2011 Marek Kasik - 2.32.0-3 - Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643 - Resolves: 667573 - Mon Nov 22 2010 Marek Kasik - 2.32.0-2 - Fix crash in clearjobselection - Remove unused patch - Resolves: 647689 Note that Tenable Network Security has extracted the...

7.6CVSS5.3AI score0.1427EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2008/06/26 12:0 a.m.29 views

Fedora 9 : ruby-1.8.6.230-1.fc9 (2008-5664)

Tue Jun 24 2008 Akira TAGOH - 1.8.6.230-1 - New upstream release. - Security fixes. 452294. - CVE-2008-1891: WEBrick CGI source disclosure. - CVE-2008-2662: Integer overflow in rbstrbufappend. - CVE-2008-2663: Integer overflow in rbarystore. - CVE-2008-2664: Unsafe use of alloca in rbstrformat. -...

10CVSS7.2AI score0.04456EPSS
Exploits2References14
Rows per page
Query Builder