Lucene search
K
CloudlinuxMost viewed

524 matches found

CloudLinux
CloudLinux
•added 2026/06/04 11:47 a.m.•12 views

perl: Fix of CVE-2026-8376

CVE-2026-8376: fix heap buffer overflow in Sstudychunk when compiling regular expressions with a repeated fixed string on 32-bit builds mincount l overflow...

9.8CVSS5.8AI score0.00398EPSS
Exploits1References1
CloudLinux
CloudLinux
•added 2026/05/29 3:17 p.m.•12 views

vim: Fix of CVE-2026-46483

CVE-2026-46483: fix command injection in the tar plugin's tarVimuntar function by using the correct shellescapetartail, 1 form so that a crafted .tgz filename cannot trigger cmdline-special expansion in the :! command...

7CVSS5.4AI score0.00552EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/21 3:39 p.m.•12 views

dovecot: Fix of 2 CVEs

CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...

7.5CVSS5.8AI score0.00454EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/21 3:37 p.m.•12 views

httpd: Fix of 5 CVEs

CVE-2026-28780: modproxyajp 4-byte heap buffer overflow when contacting a malicious AJP backend off-by-AJPHEADERLEN check in ajpmsgcheckheader - CVE-2026-34059: modproxyajp heap over-read in ajpparsedata on short AJP replies - CVE-2026-33006: modauthdigest used non-constant-time strcmp for...

9.8CVSS6AI score0.01376EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/05/21 10:40 a.m.•12 views

vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

4.4CVSS5.8AI score0.00774EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/05 11:41 p.m.•12 views

libwebp: Fix of 6 CVEs

CVE-2018-25009: fix out-of-bounds read in GetLE16 by validating VP8X chunk size - CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter by limiting filter radius to image dimensions - CVE-2018-25011: fix heap-based buffer overflow in PutLE16 by rejecting multiple image chunks in ANMF...

9.8CVSS7.5AI score0.02513EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/05 9:14 p.m.•12 views

perl: Fix of CVE-2018-12015

CVE-2018-12015: Archive::Tar path traversal — remove existing block-device or out-of-CWD symlink targets before overwriting during extraction...

7.5CVSS6.7AI score0.07343EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/04/29 7:9 a.m.•12 views

bash: Fix of CVE-2019-9924

CVE-2019-9924: reject attempts to add pathnames containing slashes to the hash table in restricted shell...

7.8CVSS6.8AI score0.00415EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/21 5:13 p.m.•12 views

rsync: Fix of 3 CVEs

CVE-2017-16548: fix heap overread in receivexattr by enforcing trailing NUL on received xattr names - CVE-2017-17434: sanitize xname in readndxandattrs and check daemon filter against fnamecmp in recvfiles - CVE-2018-5764: prevent client from resetting protectargs during the second parsearguments...

9.8CVSS5.3AI score0.06337EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/03/14 4:49 p.m.•12 views

java-1.8.0-openjdk: Fix of 5 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information...

7.5CVSS6.7AI score0.00864EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/01/26 1:16 p.m.•12 views

gnupg2: Fix of CVE-2025-68973

CVE-2025-68973: fix possible memory corruption in the armor parser that could lead to out-of-bounds write for crafted input...

7.8CVSS6.8AI score0.00129EPSS
Exploits1
CloudLinux
CloudLinux
•added 2025/07/29 9:15 a.m.•12 views

php: Fix of CVE-2025-1220

CVE-2025-1220: fix null byte termination in hostnames...

5.3CVSS6.3AI score0.00514EPSS
Exploits1
CloudLinux
CloudLinux
•added 2024/12/25 10:29 a.m.•12 views

ntp: Fix of CVE-2020-13817

CVE-2020-13817: randomize transmit timestamp in client requests...

7.4CVSS7.3AI score0.04071EPSS
Exploits0
CloudLinux
CloudLinux
•added 2024/11/06 4:26 p.m.•12 views

Update of nss

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "OISTE WISeKey Global Root GC CA" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of...

7.3AI score
Exploits0
CloudLinux
CloudLinux
•added 2024/11/06 4:23 p.m.•12 views

Update of ca-certificates

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "GLOBALTRUST 2020" - Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of Commerce Root" - Certificate "Chambers of...

7.3AI score
Exploits0
CloudLinux
CloudLinux
•added 2026/05/30 10:24 a.m.•11 views

polkit: Fix of CVE-2018-1116

CVE-2018-1116: polkit trusts client-supplied UID in CheckAuthorization, allowing a local attacker to spoof or DoS the authentication-agent dialog of unrelated processes...

4.7CVSS5.5AI score0.01196EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/21 3:36 p.m.•11 views

php: Fix of CVE-2026-7262

CVE-2026-7262: fix NULL pointer dereference in SOAP apache map decoder typemap configured...

7.5CVSS5.8AI score0.0078EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/14 7:22 p.m.•11 views

curl: Fix of 2 CVEs

CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...

9.8CVSS7AI score0.12058EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/08 11:35 a.m.•11 views

cyrus-sasl: Fix of CVE-2019-19906

CVE-2019-19906: fix off-by-one in sasladdstring lib/common.c that could cause denial of service or information disclosure via crafted input...

7.5CVSS7.1AI score0.08036EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/05/05 9:19 p.m.•11 views

tar: Fix of CVE-2019-9923

CVE-2019-9923: fix NULL pointer dereference in paxdecodeheader on malformed PAX extended headers...

7.5CVSS6.7AI score0.03028EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/05 9:17 p.m.•11 views

python: Fix of CVE-2017-1000158

CVE-2017-1000158: fix integer overflow in PyStringDecodeEscape that could trigger a heap-based buffer overflow when decoding very large byte strings...

9.8CVSS7AI score0.08228EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/02 1:4 a.m.•11 views

ansible: Fix of CVE-2019-14904

CVE-2019-14904: validate solariszone name to prevent command injection...

7.3CVSS7.1AI score0.00418EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/02 12:55 a.m.•11 views

glusterfs: Fix of 2 CVEs

CVE-2018-10923: posix: disable open/read/write on special files - CVE-2018-14651: server: don't allow '/' in basename...

8.8CVSS7AI score0.03225EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/05/02 12:55 a.m.•11 views

libxml2: Fix of 2 CVEs

CVE-2018-14404: fix NULL pointer dereference in xmlXPathCompOpEval when AND/OR operator operates on an empty XPath stack - CVE-2019-19956: fix memory leak in xmlParseBalancedChunkMemoryRecover when parsing NULL doc...

7.5CVSS6.8AI score0.05515EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/29 7:7 a.m.•11 views

gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

7.8CVSS6.7AI score0.02628EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/04/29 7:5 a.m.•11 views

python: Fix of CVE-2019-9948

CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...

9.1CVSS6.8AI score0.11844EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/04/25 8:48 a.m.•11 views

mysql: Fix of CVE-2019-2627

CVE-2019-2627: fix crash when mysql.user table has missing password column...

4.9CVSS6.2AI score0.0301EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/21 5:13 p.m.•11 views

glibc: Fix of 3 CVEs

CVE-2018-6485: fix integer overflows in memalign and malloc - CVE-2018-1000001: fix realpath buffer underflow via getcwd - CVE-2018-19591: fix ifnametoindex descriptor leak...

9.8CVSS5.5AI score0.13368EPSS
Exploits10
CloudLinux
CloudLinux
•added 2026/03/27 12:33 p.m.•11 views

vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

7.8CVSS5.8AI score0.01162EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/03/04 5:30 p.m.•11 views

python: Fix of CVE-2025-8194

CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...

7.5CVSS7.2AI score0.00611EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/03/04 5:29 p.m.•11 views

zlib: Fix of CVE-2016-9843

CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation...

9.8CVSS7.3AI score0.0595EPSS
Exploits0
CloudLinux
CloudLinux
•added 2025/09/29 1:58 p.m.•11 views

libwebp: Fix of 3 CVEs

CVE-2020-36329: fix use-after-free vulnerability by delaying thread termination - CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function - CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function...

9.8CVSS9.6AI score0.02319EPSS
Exploits0
CloudLinux
CloudLinux
•added 2025/07/04 7:0 a.m.•11 views

rsync: Fix of CVE-2024-12087

CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink verification and deduplication checks on a per-file-list basis...

7.5CVSS7.6AI score0.02224EPSS
Exploits1
CloudLinux
CloudLinux
•added 2025/03/01 10:12 a.m.•11 views

bind: Fix of CVE-2024-11187

CVE-2024-11187: Limit the additional processing for large RDATA sets...

7.5CVSS7.4AI score0.15344EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/06/22 6:37 p.m.•10 views

kernel: Fix of 14 CVEs

nfnetlinkosf: validate individual option lengths in fingerprints CVE-2026-23397 - netfilter: nfnetlinkosf: avoid OOB read CVE-2026-23397 - bonding: limit BONDMODE8023AD to Ethernet devices CVE-2026-23099 - netlabel: fix out-of-bounds memory accesses CVE-2019-25160 - ext4: always check block group...

9.3CVSS6.8AI score0.05111EPSS
Exploits2References14
CloudLinux
CloudLinux
•added 2026/06/04 12:0 p.m.•10 views

ImageMagick: Fix of CVE-2026-30883

CVE-2026-30883: fix heap overflow when encoding PNG with oversized profile...

7.8CVSS7.5AI score0.00123EPSS
Exploits0References1
CloudLinux
CloudLinux
•added 2026/05/13 8:59 a.m.•10 views

dovecot: Fix of CVE-2026-27857

CVE-2026-27857: imap-login: limit IMAP parser open lists to prevent excessive memory usage...

7.5CVSS5.8AI score0.00667EPSS
Exploits1
CloudLinux
CloudLinux
•added 2026/05/02 12:56 a.m.•10 views

sssd: Fix of 2 CVEs

CVE-2018-10852: create the sudo responder socket with stricter permissions - CVE-2019-3811: do not return "/" as the home directory when the user has no homedir configured...

7.5CVSS6.5AI score0.01519EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/29 7:8 a.m.•10 views

expat: Fix of 3 CVEs

CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...

7.8CVSS6.8AI score0.09051EPSS
Exploits3
CloudLinux
CloudLinux
•added 2026/04/29 7:6 a.m.•10 views

vim: Fix of CVE-2026-33412

CVE-2026-33412: fix command injection via newline character in glob on Unix-like systems by escaping '\n' in SHELLSPECIAL...

7.3CVSS6AI score0.00834EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/25 8:51 a.m.•10 views

busybox: Fix of 4 CVEs

CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...

9.8CVSS6.7AI score0.32919EPSS
Exploits14
CloudLinux
CloudLinux
•added 2026/04/25 8:49 a.m.•10 views

zsh: Fix of 3 CVEs

CVE-2018-1071: check bounds when copying path in hashcmd - CVE-2018-7549: avoid crash copying empty hash table - CVE-2018-13259: fix shebang line truncation in zexecve...

9.8CVSS6.8AI score0.02723EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/25 8:45 a.m.•10 views

sqlite: Fix of CVE-2018-8740

CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...

7.5CVSS6.2AI score0.08186EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/09 2:44 p.m.•10 views

ImageMagick: Fix of 3 CVEs

CVE-2025-66628: fix integer overflow in TIM parser - CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28693: fix integer overflow in DIB coder...

8.1CVSS6AI score0.00456EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/04/09 1:55 p.m.•10 views

squid34: Fix of 2 CVEs

CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...

9.2CVSS5.8AI score0.08942EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/03/31 8:47 a.m.•10 views

squid: Fix of 3 CVEs

CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...

9.2CVSS5.9AI score0.08942EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/03/23 2:52 p.m.•10 views

expat: Fix of CVE-2026-25210

CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation...

7.8CVSS6AI score0.00193EPSS
Exploits0
CloudLinux
CloudLinux
•added 2026/02/06 3:45 p.m.•10 views

Update of microcode_ctl

Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

5.4AI score
Exploits0
CloudLinux
CloudLinux
•added 2025/09/26 2:24 p.m.•10 views

glib2: Fix of CVE-2024-52533

CVE-2024-52533: fix off-by-one error and resulting buffer overflow in gsocks4aproxy.c by increasing SOCKS4CONNMSGLEN...

9.8CVSS7.5AI score0.01263EPSS
Exploits1
CloudLinux
CloudLinux
•added 2025/09/26 2:22 p.m.•10 views

dovecot: Fix of CVE-2020-12674

CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash...

7.5CVSS7AI score0.06187EPSS
Exploits1
Total number of security vulnerabilities524