137 matches found
Fedora 41 : qbittorrent (2024-1c74fc369b)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1c74fc369b advisory. - Update to 5.0.2 fix rhbz2326888 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
dcmtk-3.6.8-5.1 on GA media (moderate)
dcmtk-3.6.8-5.1 on GA media Announcement ID: openSUSE-SU-2024:14514-1 Rating: moderate Cross-References: CVE-2024-27628 CVE-2024-34509 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...
Fedora 37 : samba (2022-2156b74a6a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-2156b74a6a advisory. Update to version 4.17.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 41 : python-cramjam / rust-async-compression / rust-brotli / etc (2024-2096f5d14c)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-2096f5d14c advisory. Update rust-brotli-decompressor to 4.0.1, rust-brotli to 7.0.0, and rust-async-compression to 0.4.13. Patch dependent packages as needed to avoid compat...
Fedora 37 : ruby (2022-f0f6c6bec2)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f0f6c6bec2 advisory. Upgrade to Ruby 3.1.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 38 : python-django3 (2022-0cba1bd104)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-0cba1bd104 advisory. Automatic update for python-django3-3.2.15-1.fc38. Changelog Tue Oct 4 2022 Michel Alexandre Salim - 3.2.15-1 - Initial python-django3 release Sun O...
GHSA-XJ7W-R753-VJ8V
creationtimestamp| type| source ---|---|--- 2024-11-13 13:40:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113475925311367276...
CVE-2024-50189
In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Switch to device-managed dmamalloccoherent Using the device-managed version allows to simplify clean-up in probe error path. Additionally, this device-managed ensures proper cleanup, which helps to resolve memory...
Important: libarchive
Issue Overview: executefilteraudio in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. CVE-2024-48957 executefilterdelta in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-bounds...
Fedora 40 : firefox (2024-dee1ef052e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-dee1ef052e advisory. - New upstream update 132.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 40 : micropython (2024-f9ca680ecd)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f9ca680ecd advisory. Update to 1.23.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
CVE-2024-49923
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Pass non-null to dcn20validateapplypipesplitflags WHAT & HOW "dcn20validateapplypipesplitflags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer to avoid null dereference. This...
CVE-2024-49945
In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...
CVE-2024-49928
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time before getting false from cond-expression, the original code copied one more entry size beyond valid...
CVE-2024-49995
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-47735
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...
CVE-2024-47745
In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...
CVE-2024-49855
In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...
python3-virtualbox-7.1.4-1.1 on GA media (moderate)
python3-virtualbox-7.1.4-1.1 on GA media Announcement ID: openSUSE-SU-2024:14413-1 Rating: moderate Cross-References: CVE-2024-21248 CVE-2024-21263 CVE-2024-21273 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all securi...
Updated rootcerts nss firefox firefox-l10n packages fix security vulnerabilities
The current versions have reached EOL and several security vulnerabilities were fixed by Mozilla. We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...