Lucene search
K
MageiaMost viewed

6007 matches found

Mageia
Mageia
•added 2013/12/06 10:2 p.m.•28 views

Updated pixman package fixes security vulnerability

Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash CVE-2013-6425...

5CVSS3.7AI score0.0288EPSS
Exploits0References4
Mageia
Mageia
•added 2013/11/18 2:41 p.m.•28 views

Updated torque packages fix CVE-2013-4495

Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbsserver CVE-2013-4495...

10CVSS1.7AI score0.03266EPSS
Exploits0References3
Mageia
Mageia
•added 2013/09/13 8:16 p.m.•28 views

Updated python-OpenSSL package fixes security vulnerability

The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing CVE-2013-4314...

4.3CVSS3AI score0.01197EPSS
Exploits0References3
Mageia
Mageia
•added 2013/09/13 8:5 p.m.•28 views

Updated libmodplug packages fixes security vulnerabilities

An integer overflow within the "abcsetparts" function src/loadabc.cpp can be exploited to corrupt heap memory via a specially crafted ABC file CVE-2013-4233. An error within the "abcMIDIdrum" and "abcMIDIgchord" functions src/loadabc.cpp can be exploited to cause a buffer overflow via a specially...

6.8CVSS3.7AI score0.04352EPSS
Exploits2References3
Mageia
Mageia
•added 2026/06/10 5:7 a.m.•27 views

Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6.9AI score0.00559EPSS
Exploits7References9
Mageia
Mageia
•added 2026/05/19 2:46 a.m.•27 views

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege. CVE-2026-6472 PostgreSQL server undersizes allocations, via integer wraparound. CVE-2026-6473 PostgreSQL timeofday can disclose portions of server memory. CVE-2026-6474 PostgreSQL pgbasebackup and pgrewind can overwrite...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References2
Mageia
Mageia
•added 2025/05/27 6:46 p.m.•27 views

Updated thunderbird packages fix security vulnerabilities

Sender Spoofing via Malformed From Header in Thunderbird. CVE-2025-3875 Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links. CVE-2025-3877 JavaScript Execution via Spoofed PDF Attachment and file:/// Link. CVE-2025-3909 Tracking Links in Attachments...

9.8CVSS9AI score0.08917EPSS
Exploits1References5
Mageia
Mageia
•added 2025/05/05 4:57 a.m.•27 views

Updated graphicsmagick packages fix security vulnerabilities

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. CVE-2025-32460...

9.1CVSS7.4AI score0.00315EPSS
Exploits1References4
Mageia
Mageia
•added 2025/03/12 7:0 a.m.•27 views

Updated thunderbird, thunderbird-l10n packages fix security vulnerabilities

CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC...

8.1CVSS6.7AI score0.00519EPSS
Exploits1References3
Mageia
Mageia
•added 2025/03/06 5:56 p.m.•27 views

Updated erlang packages fix security vulnerability

SSH SFTP packet size not verified properly in Erlang OTP. CVE-2025-26618...

7CVSS7.3AI score0.0046EPSS
Exploits0References2
Mageia
Mageia
•added 2025/02/14 8:36 p.m.•27 views

Updated golang packages fix security vulnerability

Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec. CVE-2025-22866...

4CVSS7.3AI score0.00284EPSS
Exploits0References2
Mageia
Mageia
•added 2025/01/20 6:21 p.m.•27 views

Updated proftpd packages fix security vulnerability

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql. CVE-2024-48651...

7.5CVSS6.8AI score0.02204EPSS
Exploits0References2
Mageia
Mageia
•added 2025/01/20 6:21 p.m.•27 views

Updated git packages fix security vulnerabilities

Git does not sanitize URLs when asking for credentials interactively. CVE-2024-50349 Newline confusion in credential helpers can lead to credential exfiltration in git. CVE-2024-52006...

7.5CVSS6.9AI score0.01019EPSS
Exploits0References2
Mageia
Mageia
•added 2024/11/13 6:48 p.m.•27 views

Updated libarchive packages fix security vulnerability

A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. CVE-2024-20696...

7.3CVSS7.5AI score0.03154EPSS
Exploits0References2
Mageia
Mageia
•added 2024/10/04 5:27 a.m.•27 views

Updated openjpeg2 packages fix security vulnerability

Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal. CVE-2023-39327...

4.3CVSS7.2AI score0.00528EPSS
Exploits0References2
Mageia
Mageia
•added 2024/09/10 4:40 p.m.•27 views

Updated zziplib packages fix security vulnerability

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134...

7.5CVSS6.8AI score0.00604EPSS
Exploits1References2
Mageia
Mageia
•added 2024/09/09 7:0 p.m.•27 views

Updated ntfs-3g packages fix security vulnerability

NTFS-3G before 75dcdc2 has a use-after-free in ntfsuppercasembs in libntfs-3g/unistr.c. CVE-2023-52890...

4.5CVSS7AI score0.00159EPSS
Exploits0References2
Mageia
Mageia
•added 2024/06/06 3:48 p.m.•27 views

Updated amavisd-new packages fix security vulnerability

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

7.4CVSS6.9AI score0.00826EPSS
Exploits0References2
Mageia
Mageia
•added 2024/04/10 4:3 a.m.•27 views

Updated perl-Data-UUID packages fix security vulnerability

Perl module Data::UUID from CPAN version 1.219 is vulnerable to symlink attacks. CVE-2013-4184...

5.5CVSS5.9AI score0.00504EPSS
Exploits0References2
Mageia
Mageia
•added 2023/07/07 5:54 a.m.•27 views

Updated opensc packages fix security vulnerability

Crash or info leak due to heap-based buffer out of bounds read CVE-2023-2977...

7.1CVSS7AI score0.00295EPSS
Exploits0References2
Mageia
Mageia
•added 2023/03/18 10:16 p.m.•27 views

Updated xfig packages fix security vulnerability

A potential buffer overflow exists in the file src/whelp.c at line 55. Specifically, the length of the string returned by getenv"LANG" may become very long and cause a buffer overflow while executing the sprintf function. This vulnerability could potentially allow an attacker to execute arbitrary...

9.8CVSS4.9AI score0.00976EPSS
Exploits1References2
Mageia
Mageia
•added 2022/09/16 7:39 p.m.•27 views

Updated wireshark packages fix security vulnerability

F5 Ethernet Trailer dissector infinite loop wnpa-sec-2022-06...

1.7AI score
Exploits0References7
Mageia
Mageia
•added 2022/07/25 9:41 p.m.•27 views

Updated logrotate packages fix security vulnerability

Improved coredump handing for SUID binaries. bsc1192449...

1.5AI score
Exploits0References3
Mageia
Mageia
•added 2022/03/21 8:18 p.m.•27 views

Updated stunnel packages fix security vulnerability

Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...

1.9AI score
Exploits0References3
Mageia
Mageia
•added 2021/07/27 8:21 p.m.•27 views

Updated perl-Net-Netmask package fixes a security vulnerability

The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which in some situations allows attackers to bypass access control that is based on IP addresses CVE-2021-29424...

7.5CVSS6AI score0.02001EPSS
Exploits1References2
Mageia
Mageia
•added 2021/07/12 8:26 p.m.•27 views

Updated webmin package fixes security vulnerability

The webmin package has been updated to version 1.979, which has fixes for handling un-trusted inputs in the Network Configuration module. Also, the openvpn module has been updated to version 3.2...

3.2AI score
Exploits0References3
Mageia
Mageia
•added 2021/07/04 2:13 a.m.•27 views

Updated networkmanager packages fix security vulnerability

A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. CVE-2021-20297...

5.5CVSS2.5AI score0.00254EPSS
Exploits0References1
Mageia
Mageia
•added 2021/02/10 6:41 p.m.•27 views

Updated perl-Email-MIME and perl-Email-MIME-ContentType packages fix security vulnerability

Messages with too many tiny nested MIME parts can lead to memory exhaustion on split, resulting in denial of service rhbz1835353 This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts...

2.3AI score
Exploits0References3
Mageia
Mageia
•added 2021/01/29 7:5 p.m.•27 views

Updated db53 packages fix a security vulnerability

Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in...

3.3CVSS5.3AI score0.00604EPSS
Exploits0References3
Mageia
Mageia
•added 2021/01/14 8:10 p.m.•27 views

Updated nvidia-current packages fix security vulnerabilities

NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...

7.8CVSS3.3AI score0.01777EPSS
Exploits0References2
Mageia
Mageia
•added 2020/10/21 1:7 p.m.•27 views

Updated claw-mail packages fix a security vulnerability

In imapscantreerecursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree CVE-2020-16094...

7.5CVSS3.1AI score0.01781EPSS
Exploits1References2
Mageia
Mageia
•added 2020/08/29 6:40 a.m.•27 views

Updated ark packages fix security vulnerability

A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction CVE-2020-24654...

4.3CVSS1.3AI score0.01496EPSS
Exploits0References2
Mageia
Mageia
•added 2020/05/24 6:4 p.m.•27 views

Updated viewvc packages fix security vulnerability

Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...

3.5CVSS1.9AI score0.01216EPSS
Exploits1References5
Mageia
Mageia
•added 2019/08/31 1:22 p.m.•27 views

Updated wireshark packages fix security vulnerability

Updated wireshark packages fix security vulnerability: ASN.1 BER and related dissectors crash CVE-2019-13619...

7.5CVSS3AI score0.06079EPSS
Exploits1References4
Mageia
Mageia
•added 2019/02/13 11:8 a.m.•28 views

Updated cinnamon packages fix security vulnerability

A flaw was found in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of for example other users' icon files in onfacebrowsemenuitemactivated and onfacemenuitemactivated. These icon files are written to the respective user's $HOME/.face locatio...

8.1CVSS4.5AI score0.02201EPSS
Exploits0References3
Mageia
Mageia
•added 2018/12/28 10:16 a.m.•27 views

Updated tcpdump package fixes security vulnerability

Fixed a stack-based buffer over-read in the printprefix function CVE-2018-19519...

5.5CVSS2.1AI score0.02364EPSS
Exploits1References2
Mageia
Mageia
•added 2018/12/03 10:13 p.m.•27 views

Updated messagelib packages fix security vulnerability

Some HTML emails can trick messagelib into opening a new browser window when displaying said email as HTML. This happens even if the option to allow the HTML emails to access remote servers is disabled in KMail settings. This means that the owners of the servers referred in the email can see in...

5.3CVSS2.1AI score0.01104EPSS
Exploits0References2
Mageia
Mageia
•added 2018/11/20 11:11 a.m.•27 views

Updated soundtouch packages fix security vulnerabilities

Assertion failure in BPMDetect class in BPMDetect.cpp CVE-2018-17096. Out-of-bounds heap write in WavOutFile::write CVE-2018-17097. Heap corruption in WavFileBase class in WavFile.cpp CVE-2018-17098...

8.8CVSS1.2AI score0.02838EPSS
Exploits3References4
Mageia
Mageia
•added 2018/07/01 5:17 p.m.•27 views

Updated taglib packages fix security vulnerability

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file. CVE-2018-11439...

6.5CVSS5.4AI score0.02847EPSS
Exploits1References2
Mageia
Mageia
•added 2018/05/19 8:56 p.m.•27 views

Updated librelp packages fix security vulnerability

librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending ...

9.8CVSS7.1AI score0.09662EPSS
Exploits1References3
Mageia
Mageia
•added 2018/04/22 7:59 p.m.•27 views

Updated freeplane packages fix security vulnerability

Wojciech Regula discovered an XML External Entity vulnerability in the XML Parser of the mindmap loader in freeplane, a Java program for working with mind maps, resulting in potential information disclosure if a malicious mind map file is opened CVE-2018-1000069...

5.5CVSS3.3AI score0.02297EPSS
Exploits1References2
Mageia
Mageia
•added 2018/04/22 7:59 p.m.•27 views

Updated libcdio packages fix security vulnerabilities

A heap corruption bug was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files, thus resulting in local DoS CVE-2017-18198. A NULL pointer dereference flaw was...

9.8CVSS1.1AI score0.03427EPSS
Exploits1References2
Mageia
Mageia
•added 2018/01/03 10:32 a.m.•27 views

Updated libplist packages fix security vulnerability

The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data CVE-2017-5209. The main function in plistutil.c in libimobiledevice libplist allowed attackers to...

9.1CVSS4.7AI score0.03768EPSS
Exploits6References3
Mageia
Mageia
•added 2017/12/31 3:14 p.m.•27 views

Updated heimdal packages fix security vulnerability

Michael Eder and Thomas Kittel discovered that Heimdal did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service crash of the KDC daemon by sending maliciously crafted packets CVE-2017-17439...

7.5CVSS2.9AI score0.03427EPSS
Exploits0References2
Mageia
Mageia
•added 2017/12/16 11:20 p.m.•27 views

Updated evince packages fix security vulnerability

It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code CVE-2017-1000159...

7.8CVSS2.8AI score0.01406EPSS
Exploits0References3
Mageia
Mageia
•added 2017/10/09 9:51 a.m.•27 views

Updated flightgear packages fix security vulnerability

In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. Mageia provides 2017.3.1 version as a security and bugfix update, allowing to connect to latest multiplayer serve...

7.5CVSS4AI score0.01058EPSS
Exploits1References4
Mageia
Mageia
•added 2017/09/10 12:36 p.m.•27 views

Updated libgcrypt packages fix security vulnerability

It was discovered that libgcrypt is prone to a local side-channel attack against the ECDH encryption with Curve25519, allowing recovery of the private key...

7.5CVSS3.1AI score0.0351EPSS
Exploits0References2
Mageia
Mageia
•added 2017/08/07 10:16 p.m.•27 views

Updated gdm packages fix security vulnerability

It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen CVE-2015-7496...

7.2CVSS6.3AI score0.00406EPSS
Exploits0References2
Mageia
Mageia
•added 2017/07/13 9:10 a.m.•27 views

Updated sudo packages fix security vulnerability

A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367...

6.9CVSS4.2AI score0.08018EPSS
Exploits8References2
Mageia
Mageia
•added 2017/06/29 9:40 p.m.•27 views

Updated libsndfile packages fix security vulnerability

In libsndfile, an error in the "aiffreadchanmap" function aiff.c can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file CVE-2017-6892...

8.8CVSS4.2AI score0.02485EPSS
Exploits1References2
Total number of security vulnerabilities5000