Lucene search
K

36 matches found

OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:2980 Moderate: harfbuzz security update

HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

7.5CVSS7.9AI score0.01812EPSS
Exploits0References2
OSV
OSV
added 2025/05/07 7:11 p.m.4 views

RLSA-2024:3056 Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: incorrect integer overflow check CVE-2023-51714 qtbase: potential buffer overflow when reading KTX images CVE-2024-25580 For more details...

7.5CVSS8.3AI score0.00986EPSS
Exploits0References3
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:2979 Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

5.5CVSS6.8AI score0.00517EPSS
Exploits1References2
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:3095 Moderate: vorbis-tools security update

The vorbis-tools packages provide an encoder, a decoder, a playback tool, and a comment editor for Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format. Security Fixes: vorbis-tools: Buffer Overflow vulnerability CVE-2023-43361...

7.3CVSS7.8AI score0.00448EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.10 views

python36:3.6 bug fix and enhancement update

An update is available for module.python-sqlalchemy, module.python36, module.python-wheel, python-virtualenv, python-PyMySQL, python-wheel, python-distro, python-docutils, module.python-nose, python-docs, python36, module.scipy, scipy, module.python-docutils, python-pymongo, module.python-pygment...

6.8AI score
Exploits0
OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:3062 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS6.8AI score0.02527EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.44 views

RLSA-2024:2950 Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to t...

10CVSS7.9AI score0.07619EPSS
Exploits13References48
OSV
OSV
added 2024/06/14 1:59 p.m.31 views

RLSA-2024:2953 Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack CVE-2024-26141...

7.5CVSS6.8AI score0.35376EPSS
Exploits2References4
OSV
OSV
added 2024/06/14 1:59 p.m.21 views

RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...

6.1CVSS6.1AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.33 views

RLSA-2024:2962 Moderate: virt:rhel and virt-devel:rhel security and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7CVSS6.9AI score0.01891EPSS
Exploits0References5
OSV
OSV
added 2024/06/14 1:59 p.m.30 views

RLSA-2024:2994 Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...

7.8CVSS6.6AI score0.00424EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.22 views

RLSA-2024:3049 Moderate: perl-Convert-ASN1 security update

Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input CVE-2013-7488 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.5CVSS7.3AI score0.04158EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.29 views

RLSA-2024:3546 Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280...

9.8CVSS7.1AI score0.02364EPSS
Exploits0References4
OSV
OSV
added 2024/06/14 1:59 p.m.28 views

RLSA-2024:3066 Moderate: exempi security update

Exempi provides a library for easy parsing of XMP metadata. Security Fixes: exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp file CVE-2020-18652 For more details about the security issues, including t...

6.5CVSS6.5AI score0.00998EPSS
Exploits2References3
OSV
OSV
added 2024/06/14 1:59 p.m.40 views

RLSA-2024:2982 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...

9.8CVSS8.5AI score0.03208EPSS
Exploits0References11
OSV
OSV
added 2024/06/14 1:59 p.m.29 views

RLSA-2024:2966 Low: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: Divide by zero in epsprintpage in gdevepsn.c CVE-2020-21710 For more...

5.5CVSS5.7AI score0.00619EPSS
Exploits1References2
OSV
OSV
added 2024/06/14 1:59 p.m.17 views

RLSA-2024:3005 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

7.5CVSS7.6AI score0.01038EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.24 views

RLSA-2024:3089 Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer-plugins-good: integer overflow leading to hea...

8.8CVSS7.3AI score0.01714EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.36 views

RLSA-2024:3102 Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: HTML attribute injection when passing user input as keys to xmlattr...

6.1CVSS6.7AI score0.00892EPSS
Exploits0References2
OSV
OSV
added 2024/06/14 1:59 p.m.40 views

RLSA-2024:3060 Moderate: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...

8.8CVSS7.6AI score0.02009EPSS
Exploits0References4
Rows per page
Query Builder