Lucene search
K
MageiaRecent

6009 matches found

Mageia
Mageia
•added 2026/06/10 5:7 a.m.•12 views

Updated tor packages fix security issues

This update provides lots of security issues fixed by upstream since our current version. Please see the links for details...

9.1CVSS5.4AI score0.0045EPSS
Exploits0References3
Mageia
Mageia
•added 2026/06/10 5:7 a.m.•27 views

Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6.9AI score0.00559EPSS
Exploits7References9
Mageia
Mageia
•added 2026/06/10 12:39 a.m.•13 views

Updated freeciv packages fix security vulnerabilities

CVE-2026-33250, freeciv crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine...

7.5CVSS5.6AI score0.00821EPSS
Exploits0References2
Mageia
Mageia
•added 2026/06/10 12:39 a.m.•12 views

Updated wireshark packages fix security vulnerabilities

Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. This update fixes the reported issue...

7.8CVSS7.1AI score0.00306EPSS
Exploits17References6
Mageia
Mageia
•added 2026/06/10 12:39 a.m.•14 views

Updated minetest packages fix security vulnerabilities

Mod security sandbox escape. CVE-2026-40959 HTTP API and insecure environment access control bypass. CVE-2026-40960...

9.3CVSS5.4AI score0.00182EPSS
Exploits0References5
Mageia
Mageia
•added 2026/06/09 7:38 p.m.•15 views

Updated ruby-net-ssh packages fix security vulnerabilities

This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...

5.9CVSS6.9AI score0.9378EPSS
Exploits4References6
Mageia
Mageia
•added 2026/06/09 5:29 a.m.•15 views

Updated packagekit packages fix security vulnerability

PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root. CVE-2026-41651...

8.8CVSS7.7AI score0.0046EPSS
Exploits10References6
Mageia
Mageia
•added 2026/06/09 5:29 a.m.•17 views

Updated suricata packages fix security vulnerabilities

Various security, performance, accuracy, and stability issues have been fixed, plus we have moved to a supported version...

7.5CVSS6.5AI score0.00984EPSS
Exploits1References7
Mageia
Mageia
•added 2026/06/07 5:10 a.m.•14 views

Updated xdg-dbus-proxy packages fix security vulnerability

A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...

6.8CVSS5.5AI score0.00175EPSS
Exploits0References3
Mageia
Mageia
•added 2026/06/07 5:10 a.m.•24 views

Updated golang-x-crypto & golang-x-sys-devel packages fix security vulnerability

fixes a protocol weakness in the golang.org/x/crypto/ssh package that allowed a MITM attacker to compromise the integrity of the secure channel before it was established, allowing them to prevent transmission of a number of messages immediately after the secure channel was established without...

5.9CVSS5.9AI score0.9378EPSS
Exploits4References4
Mageia
Mageia
•added 2026/06/06 5:36 a.m.•22 views

Updated perl-DBIx-Class-EncodedColumn and new perl-Crypt-URandom-Token packages fix security vulnerabilities

The updated perl-DBIx-Class-EncodedColumn and new perl-Crypt-URandom-Token packages fix security issues: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand function for salting password hashes in Digest.pm CVE-2025-27551 DBIx::Class::EncodedColumn until 0.00032 for Perl uses...

4CVSS5.4AI score0.0011EPSS
Exploits0References3
Mageia
Mageia
•added 2026/06/06 5:36 a.m.•23 views

Updated kernel-linus packages fix security vulnerabilities

Vanilla upstream kernel version 6.6.141 fixes vulnerabilities. For information about the vulnerabilities see the links...

9.8CVSS5.9AI score0.03663EPSS
Exploits26References4
Mageia
Mageia
•added 2026/06/05 5:37 p.m.•14 views

Updated xmlrpc-c packages fix security vulnerabilities

This update fixes the vulnerabilities by no longer building with the vulnerable bundled libexpat version...

9.8CVSS6.6AI score0.34174EPSS
Exploits2References1
Mageia
Mageia
•added 2026/06/05 5:37 p.m.•19 views

Updated cockpit packages fix security vulnerabilities

CVE-2026-4631, Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects...

9.8CVSS7AI score0.142EPSS
Exploits3References27
Mageia
Mageia
•added 2026/06/05 5:37 p.m.•19 views

Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Upstream kernel version 6.6.141 fixes vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel...

9.8CVSS5.8AI score0.03663EPSS
Exploits26References4
Mageia
Mageia
•added 2026/06/04 5:19 a.m.•11 views

Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References3
Mageia
Mageia
•added 2026/06/02 5:23 a.m.•15 views

Updated libcaca packages fix security vulnerability

Heap OOB write in canvas import functions caused by int overflow. CVE-2026-42046...

7.8CVSS5.9AI score0.00223EPSS
Exploits0References4
Mageia
Mageia
•added 2026/06/02 5:23 a.m.•18 views

Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

9.8CVSS5.9AI score0.00618EPSS
Exploits6References3
Mageia
Mageia
•added 2026/06/02 5:23 a.m.•13 views

Updated tar packages fix security vulnerability

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5.5CVSS5.7AI score0.0043EPSS
Exploits1References4
Mageia
Mageia
•added 2026/06/02 5:23 a.m.•14 views

Updated sdl2_sound packages fix security vulnerability

Updated packages fix CVE-2025-14369 in bundled drflac...

5.5CVSS6AI score0.00147EPSS
Exploits0References1
Mageia
Mageia
•added 2026/05/30 5:7 a.m.•22 views

Updated vim packages fix security vulnerabilities

Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...

7CVSS5.8AI score0.00552EPSS
Exploits1References11
Mageia
Mageia
•added 2026/05/30 5:7 a.m.•24 views

Updated perl-Template-Toolkit packages fix security vulnerability

Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. CVE-2026-5090...

6.1CVSS5.8AI score0.00282EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•25 views

Updated graphicsmagick packages fix a security vulnerability

The updated packages fix a security vulnerability: Stack buffer overflow in XTileImage. CVE-2026-42050...

5.5CVSS6AI score0.0013EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•17 views

Updated thunderbird(-l10n) packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•19 views

Updated perl-HTTP-Daemon package fixes a security vulnerability

The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•16 views

Updated microcode package fixes security vulnerability

The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•24 views

Updated bind packages fix security vulnerabilities

Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References2
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•23 views

Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References5
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•18 views

Updated nginx package fixes a security vulnerability

The updated package fixes a security vulnerability: NGINX ngxhttprewritemodule vulnerability. CVE-2026-9256...

9.2CVSS5.8AI score0.04261EPSS
Exploits3References2
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•15 views

Updated perl-IO-Compress package fixes security vulnerabilities

The updated package fixes security vulnerabilities: IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. CVE-2025-15649 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in...

7.8CVSS6.2AI score0.00373EPSS
Exploits3References5
Mageia
Mageia
•added 2026/05/29 5:12 a.m.•18 views

Updated perl-Catalyst-Plugin-Authentication package fixes a security vulnerability

The updated package fixes a security vulnerability: Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. CVE-2026-5091...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/26 1:55 a.m.•18 views

Updated perl-Imager packages fix security vulnerabilities

Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. CVE-2026-8669...

6.5CVSS5.8AI score0.00321EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/26 1:55 a.m.•21 views

Updated nginx packages fix security vulnerabilities

NGINX ngxquicmodule vulnerability. CVE-2026-40460 NGINX ngxhttpsslmodule vulnerability. CVE-2026-40701 NGINX ngxhttpproxyv2module vulnerability. CVE-2026-42926 NGINX ngxhttpcharsetmodule vulnerability. CVE-2026-42934 NGINX ngxhttprewritemodule vulnerability. CVE-2026-42945 NGINX ngxhttpscgimodule...

9.2CVSS6AI score0.61469EPSS
Exploits41References2
Mageia
Mageia
•added 2026/05/26 1:55 a.m.•19 views

Updated ffmpeg packages fix security vulnerabilities

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input. CVE-2026-30997 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC Common Encryption subsample data to...

9.8CVSS5.9AI score0.00337EPSS
Exploits1References3
Mageia
Mageia
•added 2026/05/26 1:55 a.m.•14 views

Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities

XKB Integer Underflow in XkbSetCompatMap. CVE-2026-33999 XKB Out-of-bounds Read in CheckSetGeom. CVE-2026-34000 XSYNC Use-after-free in miSyncTriggerFence. CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap. CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes. CVE-2026-34003...

9.1CVSS5.9AI score0.00489EPSS
Exploits0References4
Mageia
Mageia
•added 2026/05/19 5:1 p.m.•13 views

Updated bind packages fix security vulnerabilities

It was discovered that bind contained a vulnerability where a Malformed BRID/HHIT record can cause named to terminate unexpectedly CVE-2025-13878. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-on...

7.5CVSS7.5AI score0.08219EPSS
Exploits0References5
Mageia
Mageia
•added 2026/05/19 2:46 a.m.•12 views

Updated perl-libwww-perl & perl-HTTP-Message packages fix security vulnerabilities

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects...

6.5CVSS5.8AI score0.00266EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/19 2:46 a.m.•27 views

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege. CVE-2026-6472 PostgreSQL server undersizes allocations, via integer wraparound. CVE-2026-6473 PostgreSQL timeofday can disclose portions of server memory. CVE-2026-6474 PostgreSQL pgbasebackup and pgrewind can overwrite...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/18 7:12 p.m.•14 views

Updated perl-WWW-Mechanize-Cached, perl-File-XDG & perl-Path-Tiny packages fix security vulnerabilities

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution...

5.3CVSS5.9AI score0.00127EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/18 7:12 p.m.•12 views

Updated perl-YAML-Syck package fixes security vulnerability

YAML::Syck versions before 1.38 for Perl have an out-of-bounds read...

7.3CVSS5.8AI score0.00333EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/18 7:12 p.m.•21 views

Updated rclone packages fix security vulnerabilities

This update bring new features, bugs and vulnerabilities fixed in rclone and golang components used to build it...

10CVSS7.1AI score0.9378EPSS
Exploits16References34
Mageia
Mageia
•added 2026/05/16 11:54 p.m.•20 views

Updated haproxy packages fix security vulnerability

The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. CVE-2026-33555...

5.8CVSS5.8AI score0.00297EPSS
Exploits1References2
Mageia
Mageia
•added 2026/05/16 5:45 p.m.•15 views

Updated firefox & thunderbird packages fix security vulnerabilities

LZ4 compression library issue. CVE-2025-62813 libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. CVE-2026-32776 libexpat before 2.7.5 allows an infinite loop while parsing DTD content. CVE-2026-32777 libexpat before 2.7.5 allows a NULL pointer...

9.8CVSS7.1AI score0.00446EPSS
Exploits1References5
Mageia
Mageia
•added 2026/05/16 6:17 a.m.•16 views

Updated dpkg packages fix security vulnerabilities

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/16 6:17 a.m.•14 views

Updated golang packages fix security vulnerabilities

We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details...

9.8CVSS7.4AI score0.00728EPSS
Exploits0References2
Mageia
Mageia
•added 2026/05/16 12:52 a.m.•15 views

Updated samba packages fix security vulnerabilities

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE-2018-14628 Command injection in wins server hook...

10CVSS6.8AI score0.40121EPSS
Exploits3References2
Mageia
Mageia
•added 2026/05/15 6:17 a.m.•12 views

Updated awstats packages fix security vulnerability

AWStats is vulnerable to Command Injection via the open function. CVE-2025-63261...

7.8CVSS5.8AI score0.01046EPSS
Exploits1References2
Mageia
Mageia
•added 2026/05/15 6:17 a.m.•10 views

Updated perl-HTTP-Tiny packages fix security vulnerability

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. CVE-2026-7010...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/15 6:17 a.m.•9 views

Updated libreoffice packages fix security vulnerability

Heap Buffer Overflow in AgileEngine. CVE-2026-4430...

7.8CVSS5.8AI score0.00078EPSS
Exploits0References3
Mageia
Mageia
•added 2026/05/15 6:17 a.m.•17 views

Updated tomcat packages fix security vulnerability

Unbounded read in WebDAV LOCK and PROPFIND handling. CVE-2026-41284 HTTP/2 request headers not validated. CVE-2026-41293 WebSocket authentication header exposure. CVE-2026-42498 Digest authenticator will authenticate any unknown user. CVE-2026-43512 LockOutRealm treats user names as case-sensitiv...

9.8CVSS5.8AI score0.01339EPSS
Exploits2References9
Total number of security vulnerabilities6009