Lucene search
K

3901 matches found

OSV
OSV
added 2024/12/24 8:21 a.m.5 views

SUSE-SU-2024:4416-1 Security update for vhostmd

This update for vhostmd fixes the following issues: Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change actions to retrieve vendor and product info - Add a 'unit' attribute to the metrics element - vif-stats.py: convert to...

7.3AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/12/24 12:0 a.m.3 views

PT-2024-41360 · Opensuse +1 · Vhostmd

Name of the Vulnerable Software and Affected Versions: vhostmd versions prior to 1.2 Description: This update for vhostmd addresses issues including fixes for actions using the 'free' command, buffer accounting when generating metric XML, and the 'VirtualizationVendor' action to strip URLs. It al...

7.5AI score
Exploits0References7
Rockylinux
Rockylinux
added 2024/12/19 4:17 a.m.22 views

systemd bug fix update

An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/18 12:0 a.m.17 views

SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2024:4360-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4360-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: -...

9.9CVSS7AI score0.16496EPSS
Exploits0References17
OSV
OSV
added 2024/12/13 8:16 p.m.8 views

SUSE-SU-2024:4319-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

9.9CVSS8.8AI score0.16496EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.18 views

SUSE SLES12 Security Update : docker-stable (SUSE-SU-2024:4205-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4205-1 advisory. - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some...

9.9CVSS7.4AI score0.16496EPSS
Exploits0References9
Oracle linux
Oracle linux
added 2024/12/06 12:0 a.m.260 views

redis:7 security update

7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstream 7.0.11 release. 7.0.10-2 - fix modules directory ownership and permissions 2176173 - drop redis-shutdown helper and rely on systemd 2181181...

7CVSS7.2AI score0.04488EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2024/12/05 2:58 p.m.5 views

Security update for docker-stable

This update for docker-stable fixes the following issues: Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. Update --add-runtime to point to correct binary path. Further merge docker and...

9.9CVSS7.2AI score0.16496EPSS
Exploits0References18
Snyk
Snyk
added 2024/12/01 6:28 a.m.2 views

Race Condition

Overview benchexec is a framework for reliable benchmarking and resource measurement. Affected versions of this package are vulnerable to Race Condition via the asynchronous StartTransientUnit method within cgroupsv2.py. An attacker could manipulate the timing of transient unit creation, leading ...

8.3CVSS6.8AI score
Exploits0References3
NVD
NVD
added 2024/11/28 10:15 a.m.23 views

CVE-2024-22037

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

5.7CVSS0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/28 9:46 a.m.18 views

CVE-2024-22037 Database password leaked by systemd uyuni-server-attestation service

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

5.7CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 9:46 a.m.69 views

CVE-2024-22037

CVE-2024-22037 is referenced in SUSE updates for Uyuni tooling. The issue stems from database credentials being exposed via environment in a systemd/Podman context. The connected SUSE advisory notes that CVE-2024-22037 is fixed by switching to podman secrets to store database credentials (uyuni-t...

5.7CVSS5.5AI score0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 9:46 a.m.19 views

CVE-2024-22037 Database password leaked by systemd uyuni-server-attestation service

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

5.7CVSS6.8AI score0.00172EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.4 views

SUSE Manager 安全漏洞

SUSE Manager is a Linux server management system from SUSE Germany. The system provides automated software management, system configuration and monitoring. A security vulnerability exists in SUSE Manager, which stems from the systemd service requiring the databasepassword environment variable, a...

5.7CVSS8.5AI score0.00172EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/19 4:8 a.m.3 views

SUSE CVE-2024-22037

The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...

5.5CVSS8.7AI score0.00172EPSS
Exploits0References13
SUSE Linux
SUSE Linux
added 2024/11/18 1:25 p.m.7 views

Security update for SUSE Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...

7.5CVSS7.7AI score0.02303EPSS
Exploits3References66
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.11 views

PT-2024-19170 · Suse · Suse Manager Server +1

Name of the Vulnerable Software and Affected Versions: SUSE Manager Server affected versions not specified Description: The issue concerns the exposure of sensitive system information due to the uyuni-server-attestation systemd service needing a database password environment variable. Although th...

9.8CVSS6.7AI score0.04094EPSS
Exploits3References101
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.4 views

Fedora 37 : grafana (2022-8f60426b65)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8f60426b65 advisory. Automatic update for grafana-9.0.2-2.fc37. Changelog Wed Jul 13 2022 Andreas Gerstmayr 9.0.2-2 - use systemd-sysusers to create the Grafana user and group...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.10 views

Fedora 37 : systemd (2022-6919a53ea9)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-6919a53ea9 advisory. Bugfix release for CVE-2022-4415. No need to log out or reboot. Tenable has extracted the preceding description block directly from the Fedora security...

5.5CVSS6.7AI score0.00867EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.12 views

Fedora 41 : opendmarc (2024-513cf04db3)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-513cf04db3 advisory. - Fix for CVE-2024-25768 - Closes rhbz2266175 rhbz2266174 - Convert to %autorelease and %autochangelog - Simplify spec - Remove checks on if systemd is prese...

7.5CVSS5.5AI score0.00728EPSS
Exploits1References2
Rows per page
Query Builder