Lucene search
K
MageiaMost viewed

6009 matches found

Mageia
Mageia
•added 2025/05/08 6:51 p.m.•32 views

Updated firefox packages fix security vulnerabilities

A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape, CVE-2025-4083. A vulnerability was identified in Firefox...

9.1CVSS8.3AI score0.00419EPSS
Exploits0References3
Mageia
Mageia
•added 2025/05/05 4:57 a.m.•32 views

Updated pam packages fix security vulnerability

libpam vulnerable to leaking hashed passwords. CVE-2024-10041...

4.7CVSS6.9AI score0.00265EPSS
Exploits0References2
Mageia
Mageia
•added 2025/04/17 5:37 p.m.•32 views

Updated rust packages fix security vulnerability

The Rust Security Response WG was notified that the Rust standard library did not properly escape arguments when invoking batch files with the bat and cmd extensions on Windows using the Command API. An attacker able to control the arguments passed to the spawned process could execute arbitrary...

10CVSS7.8AI score0.20342EPSS
Exploits10References9
Mageia
Mageia
•added 2025/03/26 3:43 a.m.•32 views

Updated radare2 packages fix security vulnerabilities

Buffer overflow in the HFS parser from grub2. CVE-2024-56737 Out-of-bounds Write in radare2. CVE-2025-1744 Buffer Overflow and Potential Code Execution in Radare2. CVE-2025-1864...

10CVSS8.1AI score0.00721EPSS
Exploits0References2
Mageia
Mageia
•added 2025/03/22 5:53 p.m.•32 views

Updated libxslt packages fix security vulnerabilities

xsltGetInheritedNsList in libxslt has a use-after-free issue related to exclusion of result prefixes CVE-2024-55549. numbers.c in libxslt has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValu...

7.8CVSS6.8AI score0.00324EPSS
Exploits4References2
Mageia
Mageia
•added 2025/02/25 4:58 p.m.•32 views

Updated emacs packages fix a security vulnerability

A command injection flaw was found which could allow a remote, unauthenticated attacker to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...

8.8CVSS8.7AI score0.02657EPSS
Exploits0References4
Mageia
Mageia
•added 2025/02/13 7:9 p.m.•32 views

Updated ofono packages fix security vulnerabilities

Sms decoder stack-based buffer overflow remote code execution vulnerability within the decodedeliver function. CVE-2023-2794 Sms decoder stack-based buffer overflow remote code execution vulnerability within the decodestatusreport function. CVE-2023-4232 Sms decoder stack-based buffer overflow...

8.1CVSS8.2AI score0.0124EPSS
Exploits4References3
Mageia
Mageia
•added 2025/01/25 9:32 p.m.•32 views

Updated iperf packages fix security vulnerability

It was discovered that iperf 3.17.1 contains a segmentation violation via the iperfexchangeparameters function...

7.5CVSS6.9AI score0.00908EPSS
Exploits1References2
Mageia
Mageia
•added 2024/08/28 5:11 p.m.•32 views

Updated nodejs & yarnpkg packages fix security vulnerabilities

Nodejs 22 is the new active LTS branch and 5 CVE are fixed. CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 High CVE-2024-22020 - Bypass network import restriction via data URL Medium CVE-2024-22018 - fs.lstat bypasses permission model Low CVE-2024-36137 - fs.fchown/fchmod bypasses...

8.1CVSS7.1AI score0.01104EPSS
Exploits0References10
Mageia
Mageia
•added 2024/06/25 4:12 p.m.•32 views

Updated python-ansible-core packages fix security vulnerability

ansible-core: possible information leak in tasks that ignore ANSIBLENOLOG configuration CVE-2024-0690...

5.5CVSS7AI score0.00301EPSS
Exploits0References2
Mageia
Mageia
•added 2023/12/04 8:28 a.m.•32 views

Updated virtualbox packages fix security vulnerabilities and other bugs

This update fixes several security issues and other bugs, among them: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon t...

8.2CVSS7.6AI score0.0055EPSS
Exploits1References4
Mageia
Mageia
•added 2023/10/23 10:5 p.m.•32 views

Updated libcue packages fix a security vulnerability

Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it is then automatically scanned by tracker-miners. And because it has a .c...

8.8CVSS7.5AI score0.1657EPSS
Exploits1References2
Mageia
Mageia
•added 2023/10/10 5:21 p.m.•32 views

Updated cups packages fix security vulnerabilities

The updated packages fix security vulnerabilities: It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents. CVE-2023-32360 Due to failure in validating the length provided by an...

7CVSS7.2AI score0.00663EPSS
Exploits2References5
Mageia
Mageia
•added 2023/09/30 7:15 p.m.•32 views

Updated indent package fixes security vulnerabilities

GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 GNU indent 2.2.13 has a heap overread in lexi...

5.5CVSS7.4AI score0.00424EPSS
Exploits1References3
Mageia
Mageia
•added 2023/07/07 5:54 a.m.•32 views

Updated curaengine packages fix security vulnerability

Denial of service due to integer overflow CVE-2022-28041...

6.5CVSS7.2AI score0.02069EPSS
Exploits1References2
Mageia
Mageia
•added 2023/04/06 9:20 p.m.•32 views

Updated peazip packages fix security vulnerability

Denial of service via the End of Archive tag function of the peazip/pea UNPEA feature. CVE-2023-24785...

5.5CVSS5.8AI score0.00311EPSS
Exploits1References2
Mageia
Mageia
•added 2022/12/30 10:39 p.m.•32 views

Updated libksba packages fix security vulnerability

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. CVE-2022-47629...

9.8CVSS4.8AI score0.0155EPSS
Exploits2References3
Mageia
Mageia
•added 2022/12/13 10:9 p.m.•32 views

Updated matio packages fix security vulnerability

matio aka MAT File I/O Library 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble called from ReadInt32Data and MatVarRead4. CVE-2020-36428 matio aka MAT File I/O Library 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MMmemcpy called from H5MMmalloc and...

8.8CVSS3.5AI score0.01503EPSS
Exploits0References2
Mageia
Mageia
•added 2022/11/18 10:50 p.m.•33 views

Updated x11-server packages fix security vulnerability

Buffer overflow in function GetCountedString of the file xkb/xkb.c. CVE-2022-3550 Memory leak in the function ProcXkbGetKbdByName of the file xkb/xkb.c. CVE-2022-3551...

8.8CVSS7.8AI score0.01681EPSS
Exploits0References5
Mageia
Mageia
•added 2022/10/08 8:22 p.m.•32 views

Updated kitty packages fix security vulnerability

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. CVE-2022-41322...

7.8CVSS2.4AI score0.00499EPSS
Exploits1References4
Mageia
Mageia
•added 2022/01/15 8:9 a.m.•32 views

Updated htmldoc packages fix security vulnerability

Buffer overflow vulnerability in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp. CVE-2021-40985...

5.5CVSS4AI score0.00871EPSS
Exploits1References2
Mageia
Mageia
•added 2021/12/19 12:26 p.m.•32 views

Updated pjproject packages fix security vulnerability

Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...

5.9CVSS1.1AI score0.02082EPSS
Exploits0References1
Mageia
Mageia
•added 2021/09/23 4:49 a.m.•32 views

Updated libgd packages fix security vulnerability

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file. CVE-2021-38115 gdImageGd2Ptr in gdgd2.c in the GD Graphics Library aka LibGD through 2.3.2 has a double free. CVE-2021-40145...

7.5CVSS6.7AI score0.02051EPSS
Exploits2References2
Mageia
Mageia
•added 2021/09/23 4:49 a.m.•32 views

Updated gpac packages fix security vulnerability

A specially crafted MPEG-4 input when decoding the atom for the "co64" FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. CVE-2021-21834 A specially crafted MPEG-4 input using the "ctts" FOURCC code can cause a...

8.8CVSS3.6AI score0.02019EPSS
Exploits24References2
Mageia
Mageia
•added 2021/07/10 8:0 p.m.•32 views

Updated libebml packages fix a security vulnerability

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml CVE-2021-3405...

6.5CVSS2AI score0.01737EPSS
Exploits1References3
Mageia
Mageia
•added 2021/07/04 2:13 a.m.•32 views

Updated file-roller packages fix security vulnerability

Updated file-roller package fixes security vulnerability: A path traversal vulnerability was found in file-roller due to an incomplete fix for CVE-2020-11736. It may still be possible to extract files outside of the intended directory in case of malicious archives containing symbolic links. The...

3.9CVSS1.3AI score0.00611EPSS
Exploits1References3
Mageia
Mageia
•added 2021/06/23 5:11 p.m.•32 views

Updated wavpack packages fix a security vulnerability

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument CVE-2020-35738...

6.1CVSS3.8AI score0.01196EPSS
Exploits1References2
Mageia
Mageia
•added 2021/06/13 9:32 p.m.•32 views

Updated djvulibre packages fix security vulnerabilities

Stack overflow in function DJVU::DjVuDocument::getdjvufile via crafted djvu file. CVE-2021-3500. Out of bounds write in function DJVU::filterbv via crafted djvu file. CVE-2021-32490. Integer overflow in function render in tools/ddjvu via crafted djvu file. CVE-2021-32491 Out of bounds read in...

7.8CVSS3AI score0.01001EPSS
Exploits0References4
Mageia
Mageia
•added 2021/06/08 4:46 p.m.•32 views

Updated upx packages fix security vulnerabilities

The updated package fixes security vulnerabilities: A heap buffer overflow read was discovered in upx 4.0.0, because the check in plxelf.cpp is not perfect. CVE-2020-24119 A flaw was found in upx canPack in plxelf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service SEGV or...

8.3CVSS3.2AI score0.01076EPSS
Exploits2References4
Mageia
Mageia
•added 2021/04/23 10:53 p.m.•32 views

Updated connman packages fix security vulnerabilities

A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, which could result in denial of service or the execution of arbitrary code CVE-2021-26675, CVE-2021-26676...

8.8CVSS4.8AI score0.01301EPSS
Exploits0References2
Mageia
Mageia
•added 2021/03/04 4:53 p.m.•32 views

Updated jasper packages fix security vulnerability

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components CVE-2021-3272. A flaw was found in jasper. An out of bounds read issue was found in jp2decode function...

7.1CVSS1.6AI score0.01197EPSS
Exploits3References3
Mageia
Mageia
•added 2021/03/02 10:33 p.m.•32 views

Updated wpa_supplicant packages fix security vulnerability

A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in denial of service or other impact potentially execution of arbitrary code, for an attacker within radio range CVE-2021-27803...

7.5CVSS3.7AI score0.01228EPSS
Exploits0References3
Mageia
Mageia
•added 2021/02/19 10:27 a.m.•32 views

Updated privoxy package fixes security vulnerabilities

Fixed a memory leak when decompression fails "unexpectedly". CVE-2021-20216 Prevent an assertion from getting triggered by a crafted CGI request. CVE-2021-20217...

7.8CVSS2.4AI score0.02276EPSS
Exploits0References4
Mageia
Mageia
•added 2020/09/30 10:1 a.m.•32 views

Updated gnutls packages fix security vulnerability

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

7.5CVSS7.6AI score0.0373EPSS
Exploits1References3
Mageia
Mageia
•added 2020/09/27 8:6 p.m.•32 views

Updated kio-extras packages fix security vulnerability

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of the password CVE-2020-12755...

3.3CVSS1.6AI score0.00371EPSS
Exploits0References2
Mageia
Mageia
•added 2020/09/02 8:1 a.m.•32 views

Updated putty package fixes security vulnerability

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client CVE-2020-14002...

5.9CVSS5.2AI score0.03146EPSS
Exploits0References3
Mageia
Mageia
•added 2020/08/16 1:53 p.m.•32 views

Updated znc packages fix security vulnerability

The znc package has been updated to version 1.8.1, containing several bugfixes and enhancements. See the upstream change logs for details...

6.5CVSS3.3AI score0.01845EPSS
Exploits0References4
Mageia
Mageia
•added 2020/07/07 1:47 p.m.•32 views

Updated pdns-recursor packages fix security vulnerability

Updated pdns-recursor package fixes security vulnerability: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the...

5.3CVSS2AI score0.01688EPSS
Exploits0References3
Mageia
Mageia
•added 2020/06/16 7:45 a.m.•32 views

Updated mbedtls packages fix security vulnerability

Updated mbedtls packages fix security vulnerability Fix side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure enclave to fully recover an ECDSA private key. CVE-2020-10932 Fi...

4.7CVSS2.8AI score0.00247EPSS
Exploits0References3
Mageia
Mageia
•added 2020/06/10 10:26 p.m.•32 views

Updated libzypp packages fix security vulnerability

Libzypp from mageia 7 is affected by a security issue. This update fixes this. Incorrect Default Permissions vulnerability in libzypp allowed local attackers to read a cookie store used by libzypp, exposing private cookies...

4CVSS5.6AI score0.00301EPSS
Exploits0References5
Mageia
Mageia
•added 2020/05/27 9:52 a.m.•32 views

Updated transmission packages fix security vulnerability

Updated transmission packages fix security vulnerability: Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file CVE-2018-10756...

7.8CVSS7.8AI score0.02632EPSS
Exploits2References2
Mageia
Mageia
•added 2020/05/05 12:20 p.m.•32 views

Updated dolphin-emu packages fix security vulnerability

Updated dolphin-emu package fixes security vulnerabilities Dolphin Emulator includes a modified copy of the SoundTouch library at version 1.9.2. That version is subject to the following security issues: - The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9....

8.8CVSS4.4AI score0.06151EPSS
Exploits10References5
Mageia
Mageia
•added 2020/05/05 12:20 p.m.•32 views

Updated ruby-json packages fix security vulnerability

Updated ruby-json packages fix security vulnerability: In ruby-json before 2.3.0, there is an unsafe object creation vulnerability. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system CVE-2020-10663...

7.5CVSS3.4AI score0.06811EPSS
Exploits0References3
Mageia
Mageia
•added 2020/04/15 10:12 a.m.•32 views

Updated libvncserver packages fix security vulnerability

Updated libvncserver packages fix security vulnerability: In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin CVE-2019-15690...

8.8CVSS1.8AI score0.00733EPSS
Exploits0References2
Mageia
Mageia
•added 2020/04/15 10:12 a.m.•32 views

Updated mediawiki packages fix security vulnerability

Updated mediawiki packages fix security vulnerability: In MediaWiki before 1.31.7, users can add various Cascading Style Sheets CSS classes which can affect what content is shown or hidden in the user interface to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because...

5.3CVSS1.1AI score0.01123EPSS
Exploits1References2
Mageia
Mageia
•added 2020/03/10 7:4 p.m.•32 views

Updated libseccomp packages fix security vulnerability

Updated libseccomp packages fix security vulnerability: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system call...

9.8CVSS2.5AI score0.03041EPSS
Exploits0References2
Mageia
Mageia
•added 2020/03/06 4:13 p.m.•32 views

Updated python-bleach packages fix security vulnerability

The updated packages fix a security vulnerability: Mutation XSS in bleach.clean when noscript and raw tag whitelisted. CVE-2020-6802...

6.1CVSS1.3AI score0.01688EPSS
Exploits1References2
Mageia
Mageia
•added 2020/02/13 10:49 a.m.•32 views

Updated exiv2 packages fix security vulnerability

The updated packages fix a security vulnerability: In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

7.8CVSS4.2AI score0.04296EPSS
Exploits1References2
Mageia
Mageia
•added 2020/01/19 10:11 a.m.•32 views

Updated tigervnc packages fix security vulnerabilities

Updated tigervnc packages fix security vulnerabilities: The tigervnc package has been updated to version 1.10.1 to fix multiple unspecified security issues. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the othe...

7.2CVSS4AI score0.04773EPSS
Exploits5References3
Mageia
Mageia
•added 2019/12/31 4:51 p.m.•32 views

Updated pdfresurrect packages fix security vulnerabilities

Updated pdfresurrect package fixes security vulnerabilities: A vulnerability was found in PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled CVE-2019-14267. An issue was discovered in PDFResurrect before 0.18...

7.8CVSS2.7AI score0.07078EPSS
Exploits5References2
Total number of security vulnerabilities5000