Lucene search
K
MageiaMost viewed

6007 matches found

Mageia
Mageia
•added 2014/07/26 12:46 p.m.•32 views

Updated transmission package fixes security vulnerability

Ben Hawkes discovered that Transmission incorrectly handled certain peer messages. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code CVE-2014-4909...

6.8CVSS7.7AI score0.05406EPSS
Exploits1References1
Mageia
Mageia
•added 2014/07/04 5:51 p.m.•32 views

Updated libxfont packages fix security vulnerabilities

Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges CVE-2014-0209. Ilja van Sprundel discovered that libXfont incorrectly handled...

7.5CVSS8.1AI score0.04362EPSS
Exploits0References3
Mageia
Mageia
•added 2014/06/18 6:5 p.m.•32 views

Updated wireshark packages fix CVE-2014-4020

Updated wireshark packages fix security vulnerabilities: The frame metadissector could crash CVE-2014-4020...

4.3CVSS6.4AI score0.01413EPSS
Exploits1References4
Mageia
Mageia
•added 2014/05/17 12:38 a.m.•32 views

Updated dovecot packages fix security vulnerability

Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly...

5CVSS6.3AI score0.03331EPSS
Exploits0References4
Mageia
Mageia
•added 2014/04/23 4:16 p.m.•32 views

Updated libmms packages fix CVE-2014-2892

Updated libmms packages fix security vulnerability: The libmms library before 0.6.4 is vulnerable to a buffer overflow in getanswer in src/mmsh.c. It may be triggered via an overly long line of a MMSH MMS over HTTP server response, effectively overflowing the buffer which has a static size...

7.5CVSS6.8AI score0.06147EPSS
Exploits1References2
Mageia
Mageia
•added 2014/03/08 9:43 p.m.•32 views

Updated wireshark packages fix multiple vulnerabilies

Updated wireshark packages fix security vulnerabilities: The NFS dissector could crash CVE-2014-2281. The RLC dissector could crash CVE-2014-2283. The MPEG file parser could overflow a buffer CVE-2014-2299...

9.3CVSS6.8AI score0.47422EPSS
Exploits10References6
Mageia
Mageia
•added 2014/01/24 9:2 p.m.•32 views

Updated graphviz packages fix security vulnerabilities

Updated graphviz packages fix security vulnerabilities: Multiple buffer overflow vulnerabilities in graphviz due to an error within the "yyerror" function lib/cgraph/scan.l which can be exploited to cause a stack-based buffer overflow via a specially crafted file CVE-2014-0978 and the acceptance ...

10CVSS7.9AI score0.06082EPSS
Exploits2References3
Mageia
Mageia
•added 2013/12/12 10:22 p.m.•32 views

Updated samba package fixes multiple vulnerabilities

Updated samba packages fix security vulnerabilities: Samba before 3.6.22 incorrectly allows login from authenticated users if the requiremembershipof parameter of pamwinbind specifies only invalid group names CVE-2012-6150. It was discovered that multiple buffer overflows in the processing of...

8.3CVSS4.9AI score0.0379EPSS
Exploits1References4
Mageia
Mageia
•added 2013/09/13 8:7 p.m.•32 views

Updated php-pear-Auth_OpenID package fixes security vulnerability

Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via XRDS data containing an external entity declaration in conjunction with an entity...

7.5CVSS4.4AI score0.02997EPSS
Exploits1References2
Mageia
Mageia
•added 2026/05/07 5:6 a.m.•31 views

Updated tcpflow packages fix security vulnerability

tcpflow has TIM Element OOB Write in wifipcap. CVE-2026-25061...

7.5CVSS5.8AI score0.00517EPSS
Exploits1References2
Mageia
Mageia
•added 2025/03/26 3:43 a.m.•31 views

Updated radare2 packages fix security vulnerabilities

Buffer overflow in the HFS parser from grub2. CVE-2024-56737 Out-of-bounds Write in radare2. CVE-2025-1744 Buffer Overflow and Potential Code Execution in Radare2. CVE-2025-1864...

10CVSS8.1AI score0.00721EPSS
Exploits0References2
Mageia
Mageia
•added 2025/03/22 5:53 p.m.•31 views

Updated libxslt packages fix security vulnerabilities

xsltGetInheritedNsList in libxslt has a use-after-free issue related to exclusion of result prefixes CVE-2024-55549. numbers.c in libxslt has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValu...

7.8CVSS6.8AI score0.00324EPSS
Exploits4References2
Mageia
Mageia
•added 2025/03/17 4:33 p.m.•31 views

Updated php packages fix security vulnerabilities

Bugs and security with streams have been fixed...

9.8CVSS7.2AI score0.00821EPSS
Exploits2References7
Mageia
Mageia
•added 2025/01/25 9:32 p.m.•31 views

Updated iperf packages fix security vulnerability

It was discovered that iperf 3.17.1 contains a segmentation violation via the iperfexchangeparameters function...

7.5CVSS6.9AI score0.00908EPSS
Exploits1References2
Mageia
Mageia
•added 2024/11/27 7:59 p.m.•31 views

Updated tomcat packages fix security vulnerabilities

Authentication bypass when using Jakarta Authentication API. CVE-2024-52316 Incorrect JSP tag recycling leads to XSS. CVE-2024-52318...

9.8CVSS7.4AI score0.06287EPSS
Exploits2References3
Mageia
Mageia
•added 2024/11/13 6:48 p.m.•31 views

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk & java-latest-openjdk packages fix security vulnerabilities

giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function. CVE-2023-48161 Array indexing integer overflow. CVE-2024-21210 HTTP client improper handling of maxHeaderSize. CVE-2024-21208 Unbounded allocation leads to out-of-memory error. CVE-2024-21217 Integer conversion error lea...

7.1CVSS7.1AI score0.01157EPSS
Exploits1References5
Mageia
Mageia
•added 2024/11/08 10:9 p.m.•31 views

Updated python-urllib3 packages fix security vulnerability

When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...

6.5CVSS7.3AI score0.01141EPSS
Exploits1References1
Mageia
Mageia
•added 2024/10/14 6:46 p.m.•31 views

Updated thunderbird packages fix security vulnerabilities

The current version has reached EOL and several security vulnerabilities were fixed by Mozilla. We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...

9.8CVSS7.7AI score0.04395EPSS
Exploits1References11
Mageia
Mageia
•added 2024/06/17 5:44 p.m.•31 views

Updated iperf packages fix security vulnerability

iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of message...

5.9CVSS6.7AI score0.01107EPSS
Exploits0References2
Mageia
Mageia
•added 2024/06/07 5:31 p.m.•31 views

Updated plasma-workspace packages fix security vulnerability

KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature to execute arbitrary code...

7.8CVSS7.5AI score0.00293EPSS
Exploits0References2
Mageia
Mageia
•added 2024/05/09 2:40 a.m.•31 views

Updated exfatprogs packages fix security vulnerability

exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in readfiledentryset. CVE-2023-45897...

5.5CVSS7.3AI score0.00381EPSS
Exploits1References2
Mageia
Mageia
•added 2024/03/14 7:34 p.m.•31 views

Updated fonttools packages fix security vulnerabilities

As of fonttools=4.28.2 the subsetting module has a XML External Entity Injection XXE vulnerability which allows an attacker to resolve arbitrary entities when a candidate font OT-SVG fonts, which contains a SVG table, is parsed. This allows attackers to include arbitrary files from the filesystem...

7.5CVSS7.2AI score0.01228EPSS
Exploits1References3
Mageia
Mageia
•added 2024/02/29 5:41 p.m.•31 views

Updated sympa packages fix security vulnerabilities

Sympa 6.2.72 fixes many bugs, including the security one related in CVE-2021-32850 It is required to manually run sympa upgrade after get this update...

6.1CVSS7.3AI score0.00802EPSS
Exploits1References3
Mageia
Mageia
•added 2023/10/13 10:56 p.m.•31 views

Updated libX11 packages fix security vulnerabilities

A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. CVE-2023-43785 A vulnerability was found in libX11 due to an infinite loop within...

7.8CVSS7.7AI score0.00633EPSS
Exploits1References2
Mageia
Mageia
•added 2023/07/23 9:59 p.m.•31 views

Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 7.0.10 maintenance release that fixes at least the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 7.0.10 contains an easily exploitable vulnerability that allows high privileged attacker with logon to the infrastructure whe...

8.1CVSS6.6AI score0.0102EPSS
Exploits0References3
Mageia
Mageia
•added 2023/03/11 7:0 p.m.•31 views

Updated tmux packages fix security vulnerability

Fixed a null pointer dereference in window.c. CVE-2022-47016...

2.4AI score
Exploits0References4
Mageia
Mageia
•added 2023/02/07 12:6 a.m.•31 views

Updated python-mechanize packages fix security vulnerability

Denial of service via crafted regular expression CVE-2021-32837 Fixed mechanize not found during build...

7.5CVSS3.4AI score0.28661EPSS
Exploits1References2
Mageia
Mageia
•added 2023/01/13 5:37 p.m.•31 views

Updated w3m packages fix security vulnerability

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. CVE-2022-38223...

7.8CVSS2.8AI score0.00441EPSS
Exploits1References2
Mageia
Mageia
•added 2022/12/17 6:48 p.m.•31 views

Updated python-slixmpp packages fix security vulnerability

Fixes missing certificate hostname validation...

7.5CVSS1.6AI score0.00469EPSS
Exploits0References2
Mageia
Mageia
•added 2022/12/17 6:48 p.m.•31 views

Updated libetpan packages fix security vulnerability

Null pointer dereference in mailimapmailboxdatastatusfree in low-level/imap/mailimaptypes.c. CVE-2022-4121...

5.5CVSS2.2AI score0.00542EPSS
Exploits1References2
Mageia
Mageia
•added 2022/11/18 10:50 p.m.•31 views

Updated varnish packages fix security vulnerability

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...

7.5CVSS1.3AI score0.00928EPSS
Exploits0References3
Mageia
Mageia
•added 2022/09/16 7:39 p.m.•31 views

Updated ostree packages fix security vulnerability

A memory corruption issue that could be triggered when diffing binary files. CVE-2014-9862...

7.8CVSS8AI score0.06762EPSS
Exploits0References3
Mageia
Mageia
•added 2022/02/18 12:14 a.m.•31 views

Updated zxing-cpp packages fix security vulnerability

Buffer overflow vulnerability in function stbiextendreceive in stbimage.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...

7.8CVSS2.3AI score0.0136EPSS
Exploits2References2
Mageia
Mageia
•added 2021/08/06 9:33 a.m.•31 views

Updated exiv2 packages fix security vulnerability

Updated exiv2 packages fix security vulnerability: A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0.27.3 allows attackers to cause a denial of service DOS via crafted metadata CVE-2021-31291...

5.2AI score
Exploits0References1
Mageia
Mageia
•added 2021/07/16 8:25 a.m.•31 views

Updated aom packages fix security vulnerabilities

aomimage.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap CVE-2021-30473. aomdsp/graintable.c in libaom in AOMedia before 2021-03-30 has a use-after-free CVE-2021-30474. aomdsp/noisemodel.c in libaom in AOMedia before 2021-03-24 has a buffer overflow...

9.8CVSS3.5AI score0.02216EPSS
Exploits0References2
Mageia
Mageia
•added 2021/06/23 5:11 p.m.•31 views

Updated tunnel packages fix security vulnerability

Updated stunnel package fixes security vulnerability: Client certificate not correctly verified when redirect and verifyChain options are used CVE-2021-20230...

7.5CVSS2.6AI score0.01179EPSS
Exploits0References2
Mageia
Mageia
•added 2021/04/15 7:3 p.m.•31 views

Updated x11-server packages fix security vulnerability

Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. These issues can lead to privilege escalation for authorized clients on systems where the X server is running privileged CVE-2021-3472...

7.8CVSS2.9AI score0.0105EPSS
Exploits0References3
Mageia
Mageia
•added 2021/03/04 4:53 p.m.•31 views

Updated jasper packages fix security vulnerability

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components CVE-2021-3272. A flaw was found in jasper. An out of bounds read issue was found in jp2decode function...

7.1CVSS1.6AI score0.01197EPSS
Exploits3References3
Mageia
Mageia
•added 2021/02/11 8:36 p.m.•31 views

Updated gssproxy package fixes a security vulnerability

gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c CVE-2020-12658...

9.8CVSS2.5AI score0.01681EPSS
Exploits0References2
Mageia
Mageia
•added 2021/01/17 4:7 p.m.•31 views

Updated resteasy packages fix a security vulnerability

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed CVE-2020-1695...

7.5CVSS1.3AI score0.02023EPSS
Exploits0References2
Mageia
Mageia
•added 2020/11/10 3:20 p.m.•31 views

Updated lout packages fix security vulnerabilities

Lout 3.40 has a buffer overflow in the StringQuotedWord function in z39.c. CVE-2019-19917 Lout 3.40 has a heap-based buffer overflow in the srcnext function in z02.c. CVE-2019-19918...

7.8CVSS3.8AI score0.01599EPSS
Exploits2References3
Mageia
Mageia
•added 2020/09/27 8:6 p.m.•31 views

Updated cifs-utils packages fix security vulnerability

The mount.cifs utility has a shell injection issue where one can embed shell commands via the username mount option. Those commands will be run via popen in the context of the user calling mount CVE-2020-14342...

7CVSS7.4AI score0.00652EPSS
Exploits1References3
Mageia
Mageia
•added 2020/07/10 3:40 p.m.•31 views

Updated mediawiki packages fix security vulnerability

Updated mediawiki packages fix security vulnerability: In MediaWiki before 1.31.8, private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control...

3.1CVSS2.8AI score0.01302EPSS
Exploits0References2
Mageia
Mageia
•added 2020/03/10 7:4 p.m.•31 views

Updated libseccomp packages fix security vulnerability

Updated libseccomp packages fix security vulnerability: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system call...

9.8CVSS2.5AI score0.03041EPSS
Exploits0References2
Mageia
Mageia
•added 2020/01/30 6:28 p.m.•31 views

Updated openjpeg2 packages fix security vulnerability

Updated openjpeg2 packages fix security vulnerability: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opjt1clbldecodeprocessor in libopenjp2.so CVE-2020-6851...

7.5CVSS3.7AI score0.04932EPSS
Exploits1References2
Mageia
Mageia
•added 2020/01/28 7:52 a.m.•31 views

Updated libbsd packages fix security vulnerability

It was discovered that libbsd incorrectly handled certain strings, due to an out-of-bounds read during a comparison for a symbol name from the string table strtab in nlist.c. An attacker could possibly use this issue to access sensitive information CVE-2019-20367...

9.1CVSS1.5AI score0.02805EPSS
Exploits1References2
Mageia
Mageia
•added 2020/01/05 3:37 p.m.•31 views

Updated dia packages fix security vulnerability

Updated dia package fixes security vulnerability: An endless loop on filenames with invalid encoding CVE-2019-19451...

5.5CVSS2.9AI score0.0037EPSS
Exploits0References2
Mageia
Mageia
•added 2019/12/13 6:25 p.m.•31 views

Updated kdelibs4 packages fix security vulnerability

kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction CVE-2019-14744...

7.8CVSS2.2AI score0.04069EPSS
Exploits1References3
Mageia
Mageia
•added 2019/12/13 6:25 p.m.•31 views

Updated proftpd packages fix security vulnerability

An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...

4.9CVSS2.7AI score0.01645EPSS
Exploits0References2
Mageia
Mageia
•added 2019/11/30 1:6 p.m.•31 views

Updated gnupg2 packages fix security vulnerability

gnupg2 is updated to 2.2.18 and fix security vulnerability: Web of Trust forgeries using collisions in SHA-1 signatures CVE-2019-14855 Note that this change removes all SHA-1 based key signature newer than 2019-01-19 from the web-of-trust. This includes all key signature created with dsa1024 keys...

7.5CVSS7.7AI score0.0105EPSS
Exploits1References2
Total number of security vulnerabilities5000