Lucene search
K
MageiaRecent

6009 matches found

Mageia
Mageia
•added 2026/04/06 5:35 p.m.•8 views

Updated vim packages fix security vulnerabilities

Vim modeline bypass via various options affects Vim 9.2.0276. CVE-2026-34982 Path traversal issue with zip.vim in Vim v9.2.0280. CVE-2026-35177...

8.2CVSS6AI score0.0047EPSS
Exploits0References6
Mageia
Mageia
•added 2026/04/06 5:35 p.m.•7 views

Updated xz packages fix security vulnerability

Buffer overflow in lzmaindexappend. CVE-2026-34743...

6.3CVSS5.9AI score0.00351EPSS
Exploits0References3
Mageia
Mageia
•added 2026/04/06 5:35 p.m.•7 views

Updated freerdp packages fix security vulnerabilities

FreeRDP has a heap-buffer-overflow in audinprocessformats. CVE-2026-22852 FreeRDP has a heap-buffer-overflow in driveprocessirpread. CVE-2026-22854 FreeRDP has a heap-buffer-overflow in smartcardunpacksetattribcall. CVE-2026-22855 FreeRDP has a heap-use-after-free in createirpthread. CVE-2026-228...

9.8CVSS5.9AI score0.00756EPSS
Exploits14References5
Mageia
Mageia
•added 2026/04/06 5:35 p.m.•14 views

Updated python-nltk packages fix security vulnerability

nltk Vulnerable to Cross-site Scripting. CVE-2026-33230...

6.1CVSS5.9AI score0.00331EPSS
Exploits1References2
Mageia
Mageia
•added 2026/04/06 5:35 p.m.•6 views

Updated polkit-122 packages fix security vulnerability

Denial of service via unbounded input processing through standard input. CVE-2026-4897...

5.5CVSS5.9AI score0.00131EPSS
Exploits0References2
Mageia
Mageia
•added 2026/04/06 5:35 p.m.•5 views

Updated python-pyasn1 packages fix security vulnerability

pyasn1 Vulnerable to Denial of Service via Unbounded Recursion. CVE-2026-30922...

7.5CVSS6.8AI score0.0058EPSS
Exploits1References4
Mageia
Mageia
•added 2026/04/02 4:48 p.m.•11 views

Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

10CVSS6.5AI score0.01279EPSS
Exploits1References4
Mageia
Mageia
•added 2026/04/02 4:48 p.m.•8 views

Updated thunderbird packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Spoofing issue in Thunderbird. CVE-2026-3889 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in...

10CVSS6.5AI score0.01279EPSS
Exploits1References3
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•11 views

Updated ruby-rack packages fix security vulnerabilities

Rack has a Directory Traversal via Rack:Directory. CVE-2026-22860 Rack's Stored XSS in Rack::Directory via javascript: filenames rendered into anchor href. CVE-2026-25500...

7.5CVSS6.7AI score0.00665EPSS
Exploits2References2
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•7 views

Updated python-ply packages fix security vulnerability

Unsafe pickle file handling in Ply. CVE-2025-56005...

9.8CVSS7.3AI score0.16903EPSS
Exploits3References2
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•6 views

Updated python-openssl packages fix security vulnerabilities

pyOpenSSL allows TLS connection bypass via unhandled callback exception in settlsextservernamecallback. CVE-2026-27448 pyOpenSSL DTLS cookie callback buffer overflow. CVE-2026-27459...

9.8CVSS6.1AI score0.00704EPSS
Exploits0References5
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•11 views

Updated zlib packages fix security vulnerability

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition. CVE-2026-27171...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References4
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•7 views

Updated vim packages fix security vulnerability

Vim tabpanel modeline escape affects Vim 9.2.0272...

9.2CVSS5.8AI score0.00588EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/31 11:5 p.m.•7 views

Updated freeipmi packages fix security vulnerability

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. CVE-2026-33554...

7.5CVSS6AI score0.00403EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/29 12:55 a.m.•10 views

Updated strongswan packages fix security vulnerability

strongSwan 4.5.0 6.0.5 EAP-TTLS AVP Parsing Integer Underflow. CVE-2026-25075...

8.7CVSS5.8AI score0.01013EPSS
Exploits2References4
Mageia
Mageia
•added 2026/03/29 12:55 a.m.•11 views

Updated python-ujson packages fix security vulnerabilities

CVE-2026-32874 ujson 5.4.0 to 5.11.0 inclusive contains an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent which leads to a buffer overflow or infinite loop...

7.5CVSS6.1AI score0.00479EPSS
Exploits1References3
Mageia
Mageia
•added 2026/03/28 7:26 a.m.•7 views

Updated libpng packages fix security vulnerabilities

Use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE. CVE-2026-33416 Out-of-bounds read/write in the palette expansion on ARM Neon. CVE-2026-33636...

7.6CVSS5.9AI score0.01052EPSS
Exploits1References2
Mageia
Mageia
•added 2026/03/28 7:26 a.m.•8 views

Updated nodejs packages fix security vulnerabilities

Incomplete fix for CVE-2026-21637: loadSNI in tlswrap.js lacks try/catch leading to Remote DoS. CVE-2026-21637 Denial of Service via proto header name in req.headersDistinct Uncaught TypeError crashes Node.js process. CVE-2026-21710 Timing side-channel in HMAC verification via memcmp in...

7.5CVSS6.7AI score0.26356EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/27 10:54 p.m.•8 views

Updated cmake packages fix security vulnerability

cmake cmForEachCommand.cxx ReplayItems assertion. CVE-2025-9301...

4.8CVSS5.8AI score0.00135EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/25 5:31 p.m.•6 views

Updated xen packages fix security vulnerability

Use after free of paging structures in EPT. CVE-2026-23554...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/25 5:31 p.m.•5 views

Updated graphicsmagick packages fix security vulnerabilities

GraphicsMagick has a stack write buffer overflow in MNG encoder. CVE-2026-28690 GraphicsMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder. CVE-2026-30883...

7.8CVSS6AI score0.00123EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/24 5:53 p.m.•8 views

Updated perl-XML-Parser packages fix security vulnerabilities

XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size causing a heap corruption double free or corruption and crashes. CVE-2006-10002 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. CVE-2006-10003...

9.8CVSS6AI score0.00604EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/24 5:53 p.m.•15 views

Updated roundcubemail packages fix security vulnerabilities

Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler, reported by y0us. Fix bug where a password could get changed without providing the old password, reported by flydragon777. Fix IMAP Injection + CSRF bypass in mail search, reported by Martila Security...

4.7CVSS6AI score0.00629EPSS
Exploits2References2
Mageia
Mageia
•added 2026/03/24 5:53 p.m.•8 views

Updated webkit2 packages fix security vulnerabilities

CVE-2025-43457 Processing maliciously crafted web content may lead to an unexpected Safari crash. A use-after-free issue was addressed with improved memory management. CVE-2026-20608 Processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed throu...

8.8CVSS5.8AI score0.00608EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/24 5:53 p.m.•7 views

Updated vim packages fix security vulnerabilities

Command injection via newline in glob affects Vim 9.2.0202. CVE-2026-33412...

7.3CVSS5.8AI score0.00834EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/24 5:53 p.m.•7 views

Updated trilead-ssh2 packages fix security vulnerabilities

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...

5.9CVSS6.9AI score0.93305EPSS
Exploits4References1
Mageia
Mageia
•added 2026/03/20 9:17 p.m.•12 views

Updated expat packages fix security vulnerabilities

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. CVE-2026-32776 libexpat before 2.7.5 allows an infinite loop while parsing DTD content. CVE-2026-32777 libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry...

5.5CVSS5.8AI score0.00216EPSS
Exploits1References2
Mageia
Mageia
•added 2026/03/19 6:4 p.m.•10 views

Updated perl-YAML-Syck packages fix security vulnerabilities

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. CVE-2026-4177...

9.1CVSS6AI score0.00429EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/19 6:4 p.m.•6 views

Updated graphicsmagick & imagemagick packages fix security vulnerabilities

Division-by-Zero in YUV sampling factor validation leads to crash. CVE-2026-25799...

7.5CVSS5.7AI score0.00385EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/19 6:4 p.m.•8 views

Updated openssh packages fix security vulnerabilities

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. CVE-2025-61984...

3.6CVSS6.6AI score0.00211EPSS
Exploits2References2
Mageia
Mageia
•added 2026/03/14 12:33 a.m.•9 views

Updated vim packages fix security vulnerability

NFA regex engine NULL pointer dereference affects Vim 9.2.0137. CVE-2026-32249...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/14 12:33 a.m.•8 views

Updated tomcat packages fix security vulnerabilities

Client certificate verification bypass due to virtual host mapping. CVE-2025-66614 Security constraint bypass with HTTP/0.9. CVE-2026-24733 OCSP revocation bypass. CVE-2026-24734...

9.1CVSS7.6AI score0.00498EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/14 12:33 a.m.•11 views

Updated python-nltk packages fix security vulnerability

Path Traversal in nltk/nltk. CVE-2026-0847...

8.6CVSS7.3AI score0.00924EPSS
Exploits3References2
Mageia
Mageia
•added 2026/03/10 4:47 p.m.•8 views

Updated yt-dlp packages fix security vulnerability

When yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL...

8.8CVSS5.9AI score0.01596EPSS
Exploits2References3
Mageia
Mageia
•added 2026/03/09 7:19 p.m.•15 views

Updated thunderbird packages fix security vulnerabilities

Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...

10CVSS5.8AI score0.00604EPSS
Exploits0References3
Mageia
Mageia
•added 2026/03/09 5:48 p.m.•15 views

Updated coturn packages fix security vulnerability

IPv4-mapped IPv6 ::ffff:0:0/96 bypasses denied-peer-ip ACL. CVE-2026-27624...

7.2CVSS5.8AI score0.00254EPSS
Exploits1References2
Mageia
Mageia
•added 2026/03/09 5:48 p.m.•10 views

Updated rootcerts, nss & firefox packages fix security vulnerabilities

Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...

10CVSS5.8AI score0.00604EPSS
Exploits0References4
Mageia
Mageia
•added 2026/03/06 3:1 a.m.•10 views

Updated python-django packages fix security vulnerability

Potential incorrect permissions on newly created file system objects. CVE-2026-25674...

3.7CVSS5.9AI score0.00341EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/06 3:1 a.m.•7 views

Updated rsync packages fix security vulnerability

Out of bounds array access via negative index. CVE-2025-10158...

4.3CVSS5.9AI score0.00289EPSS
Exploits0References2
Mageia
Mageia
•added 2026/03/06 3:1 a.m.•9 views

Updated vim packages fix security vulnerabilities

OS Command Injection in netrw affects Vim 9.2.0073. CVE-2026-28417 Heap-based Buffer Overflow in Emacs tags parsing affects Vim 9.2.0074. CVE-2026-28418 Heap-based Buffer Underflow in Emacs tags parsing affects Vim 9.2.0075. CVE-2026-28419 Heap-based Buffer Overflow and OOB Read in :terminal...

7.8CVSS5.9AI score0.01162EPSS
Exploits0References7
Mageia
Mageia
•added 2026/02/23 4:45 p.m.•14 views

Updated gegl packages fix security vulnerabilities

ZDI-CAN-28618: New Vulnerability Report at rgbe.c. CVE-2026-2049 ZDI-CAN-28266: New Vulnerability Report at rgbe.c. CVE-2026-2050...

7.8CVSS5.4AI score0.00615EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/22 12:53 a.m.•14 views

Updated freerdp packages fix security vulnerabilities

FreeRDP has heap-buffer-overflow in planardecompressplanerle. CVE-2026-23530 FreeRDP has heap-buffer-overflow in cleardecompress. CVE-2026-23531 FreeRDP has heap-buffer-overflow in gdiSurfaceToSurface. CVE-2026-23532 FreeRDP has heap-buffer-overflow in cleardecompressresidualdata. CVE-2026-23533...

9.8CVSS5.5AI score0.00628EPSS
Exploits5References6
Mageia
Mageia
•added 2026/02/20 5:27 p.m.•8 views

Updated gnutls packages fix security vulnerability

Denial of service via excessive resource consumption during certificate verification. CVE-2025-14831...

5.3CVSS5.5AI score0.00638EPSS
Exploits1References3
Mageia
Mageia
•added 2026/02/20 5:27 p.m.•8 views

Updated libvpx packages fix security vulnerability

Heap buffer overflow in libvpx. CVE-2026-2447...

8.8CVSS5.8AI score0.006EPSS
Exploits0References3
Mageia
Mageia
•added 2026/02/18 4:17 p.m.•11 views

Updated vim packages fix security vulnerability

Vim has a Netbeans specialKeys Stack Buffer Overflow. CVE-2026-26269...

7.5CVSS5.5AI score0.00284EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/18 4:17 p.m.•8 views

Updated microcode packages fix security vulnerabilities

The updated package updates AMD CPUs microcodes and fixes security vulnerabilities in Intel CPUs microcodes: Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of...

7.3CVSS5.5AI score0.00232EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/17 5:47 p.m.•16 views

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL oidvector discloses a few bytes of memory. CVE-2026-2003 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. CVE-2026-2004 PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. CVE-2026-2005 PostgreSQL missing validation...

8.8CVSS6.1AI score0.01208EPSS
Exploits3References2
Mageia
Mageia
•added 2026/02/16 4:36 p.m.•8 views

Updated usbmuxd packages fix security vulnerability

Local privilege escalation in usbmuxd from arbitrary local user to usbmux. CVE-2025-66004...

5.7CVSS5.7AI score0.00132EPSS
Exploits1References2
Mageia
Mageia
•added 2026/02/16 4:36 p.m.•13 views

Updated dcmtk packages fix security vulnerabilities

OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString memory corruption. CVE-2025-14607 OFFIS DCMTK dcmqrscp dcmqrdbi.cc startMoveRequest null pointer dereference. CVE-2025-14841...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/12 5:54 a.m.•10 views

Updated libpng packages fix security vulnerability

Heap buffer overflow in pngsetquantize when called with no histogram and a palette larger than twice the requested maximum number of colors. CVE-2026-25646...

8.3CVSS5.8AI score0.00955EPSS
Exploits1References2
Total number of security vulnerabilities6009