Lucene search
K

36 matches found

OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:2980 Moderate: harfbuzz security update

HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

7.5CVSS7.9AI score0.01812EPSS
Exploits0References2
OSV
OSV
added 2025/05/07 7:11 p.m.4 views

RLSA-2024:3056 Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: incorrect integer overflow check CVE-2023-51714 qtbase: potential buffer overflow when reading KTX images CVE-2024-25580 For more details...

7.5CVSS8.3AI score0.00986EPSS
Exploits0References3
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:2979 Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

5.5CVSS6.8AI score0.00517EPSS
Exploits1References2
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:3095 Moderate: vorbis-tools security update

The vorbis-tools packages provide an encoder, a decoder, a playback tool, and a comment editor for Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format. Security Fixes: vorbis-tools: Buffer Overflow vulnerability CVE-2023-43361...

7.3CVSS7.8AI score0.00448EPSS
Exploits1References2
OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:3062 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS6.8AI score0.02527EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.10 views

python36:3.6 bug fix and enhancement update

An update is available for module.python-sqlalchemy, module.python36, module.python-wheel, python-virtualenv, python-PyMySQL, python-wheel, python-distro, python-docutils, module.python-nose, python-docs, python36, module.scipy, scipy, module.python-docutils, python-pymongo, module.python-pygment...

6.8AI score
Exploits0
OSV
OSV
added 2024/06/14 1:59 p.m.41 views

RLSA-2024:2950 Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to t...

10CVSS7.9AI score0.07619EPSS
Exploits13References48
OSV
OSV
added 2024/06/14 1:59 p.m.30 views

RLSA-2024:2953 Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack CVE-2024-26141...

7.5CVSS6.8AI score0.35376EPSS
Exploits2References4
OSV
OSV
added 2024/06/14 1:59 p.m.35 views

RLSA-2024:2968 Moderate: fence-agents security and bug fix update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: urllib3: Request body not stripped after redirect from 303 status chang...

6.1CVSS6.8AI score0.00892EPSS
Exploits0References4
OSV
OSV
added 2024/06/14 1:59 p.m.21 views

RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...

6.1CVSS6.1AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.21 views

RLSA-2024:3059 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c CVE-2022-4645 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

6.8CVSS6.2AI score0.00425EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.30 views

RLSA-2024:2994 Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...

7.8CVSS6.6AI score0.00424EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.22 views

RLSA-2024:3049 Moderate: perl-Convert-ASN1 security update

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input CVE-2013-7488 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.5CVSS7.3AI score0.04158EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.29 views

RLSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280...

9.8CVSS7.1AI score0.02364EPSS
Exploits0References4
OSV
OSV
added 2024/06/14 1:59 p.m.28 views

RLSA-2024:3066 Moderate: exempi security update

Exempi provides a library for easy parsing of XMP metadata. Security Fixes: exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp file CVE-2020-18652 For more details about the security issues, including t...

6.5CVSS6.5AI score0.00998EPSS
Exploits2References3
OSV
OSV
added 2024/06/14 1:59 p.m.16 views

RLSA-2024:3005 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

7.5CVSS7.6AI score0.01038EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.19 views

RLSA-2024:3008 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

8.1CVSS8AI score0.01121EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.25 views

RLSA-2024:3047 Moderate: 389-ds:1.4 security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: a heap overflow leading to denail-of-servce while writing a value...

5.5CVSS5.9AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.27 views

RLSA-2024:2986 Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 For more details about the security issues, including the impact, a CVSS...

8.1CVSS7.4AI score0.01207EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.40 views

RLSA-2024:2982 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...

9.8CVSS8.5AI score0.03208EPSS
Exploits0References11
Rows per page
Query Builder