Lucene search
K
MageiaRecent

6009 matches found

Mageia
Mageia
•added 2026/02/11 5:56 p.m.•13 views

Updated golang packages fix security vulnerabilities

net/http: memory exhaustion in Request.ParseForm. CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives. CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level. CVE-2025-61730 cmd/go: bypass of flag sanitization can lead to...

10CVSS6.5AI score0.01945EPSS
Exploits2References7
Mageia
Mageia
•added 2026/02/11 5:56 p.m.•15 views

Updated thunderbird packages fix security vulnerability

CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...

4.3CVSS5.5AI score0.00159EPSS
Exploits0References3
Mageia
Mageia
•added 2026/02/11 5:56 p.m.•13 views

Updated xrdp packages fix security vulnerability

xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow. CVE-2025-68670...

9.8CVSS5.5AI score0.01318EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/09 7:56 p.m.•7 views

Updated fontforge packages fix security vulnerabilities

FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. CVE-2025-15269 FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. CVE-2025-15270 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability...

8.8CVSS5.7AI score0.00581EPSS
Exploits0References3
Mageia
Mageia
•added 2026/02/09 7:56 p.m.•11 views

Updated nginx packages fix security vulnerability

MitM injection. CVE-2026-1642...

8.2CVSS5.5AI score0.00339EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/06 5:11 a.m.•32 views

Updated python-django packages fix security vulnerabilities

Username enumeration through timing difference in modwsgi authentication handler. CVE-2025-13473 Potential denial-of-service vulnerability via repeated headers when using ASGI. CVE-2025-14550 Potential SQL injection via raster lookups on PostGIS. CVE-2026-1207 Potential denial-of-service...

8.5CVSS5.6AI score0.09436EPSS
Exploits2References2
Mageia
Mageia
•added 2026/02/04 6:9 p.m.•10 views

Updated expat packages fix security vulnerabilities

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. CVE-2026-24515 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS5.5AI score0.00193EPSS
Exploits0References2
Mageia
Mageia
•added 2026/02/02 7:16 p.m.•14 views

Updated docker-containerd packages fix security vulnerabilities

It was discovered that containerd incorrectly set certain directory path permissions. An attacker could possibly use this issue to achieve unauthorised access to the files. CVE-2024-25621 It was discovered that containerd did not properly handle the execution of the goroutine of container attach...

7.8CVSS7.6AI score0.00162EPSS
Exploits1References2
Mageia
Mageia
•added 2026/01/30 12:39 a.m.•9 views

Updated gpsd packages fix security vulnerabilities

gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...

9.8CVSS6.1AI score0.00674EPSS
Exploits3References2
Mageia
Mageia
•added 2026/01/30 12:39 a.m.•11 views

Updated xen packages fix security vulnerabilities

x86: buffer overrun with shadow paging + tracing. CVE-2025-58150 x86: incomplete IBPB for vCPU isolation. CVE-2026-23553...

8.8CVSS6AI score0.00129EPSS
Exploits0References3
Mageia
Mageia
•added 2026/01/30 12:39 a.m.•15 views

Updated libxml2 packages fix security vulnerabilities

xmlcatalog xmlParseSGMLCatalog recursion. CVE-2025-8732 Unbounded relaxng include recursion leading to stack overflow. CVE-2026-0989 Denial of service via uncontrolled recursion in xml catalog processing. CVE-2026-0990 Denial of service via crafted xml catalogs. CVE-2026-0992...

5.9CVSS5.9AI score0.00755EPSS
Exploits4References2
Mageia
Mageia
•added 2026/01/30 12:39 a.m.•12 views

Updated openssl packages fix security vulnerabilities

Stack buffer overflow in CMS AuthEnvelopedData parsing. CVE-2025-15467 Heap out-of-bounds write in BIOflinebuffer on short writes. CVE-2025-68160 Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. CVE-2025-69418 Out of bounds write in PKCS12getfriendlyname UTF-8...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References4
Mageia
Mageia
•added 2026/01/29 7:22 p.m.•17 views

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-latest-openjdk packages fix security vulnerabilities

LIBPNG is vulnerable to a buffer overflow in pngimagereadcomposite via incorrect palette premultiplication. CVE-2025-64720 LIBPNG is vulnerable to a heap buffer overflow in pngcombinerow triggered via pngimagefinishread. CVE-2025-65018 Improve JMX connections. CVE-2026-21925 Improve HttpServer...

7.5CVSS6.1AI score0.00864EPSS
Exploits6References4
Mageia
Mageia
•added 2026/01/29 7:22 p.m.•8 views

Updated ceph packages fix security vulnerability

Updated ceph packages fix a security issue allowing an attacker to make Ceph accept any certificate...

5.9AI score0.00029EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/28 10:42 p.m.•57 views

Updated glib2.0 packages fix security vulnerabilities

Glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with gdatetimenewfromiso8601. CVE-2025-3360 Buffer under-read on glib through glib/gfileutils.c via gettmpfile. CVE-2025-7039 Integer overflow in gescapeuristring...

9.8CVSS7AI score0.00754EPSS
Exploits1References2
Mageia
Mageia
•added 2026/01/27 6:20 p.m.•10 views

Updated haproxy packages fix bugs

Haproxy has two major, a few medium and a few minor bugs fixed in the last upstream version 2.8.18 of branch 2.8. Fixed major bugs list: - quic: use ncbmbuf for CRYPTO handling - stream: Force channel analysis on successful synchronous send Fixed medium bugs list: - dns: bind the nameserver...

5.9AI score
Exploits0References2
Mageia
Mageia
•added 2026/01/27 6:20 p.m.•6 views

Updated python-pyasn1 packages fix security vulnerability

pyasn1 has a DoS vulnerability in decoder. CVE-2026-23490...

7.5CVSS5.9AI score0.00679EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/27 6:20 p.m.•10 views

Updated glibc packages fix security vulnerabilities

Integer overflow in memalign leads to heap corruption. CVE-2026-0861 getnetbyaddr and getnetbyaddrr leak stack contents to DNS resovler. CVE-2026-0915 wordexp with WRDEREUSE and WRDEAPPEND may return uninitialized memory. CVE-2025-15281...

8.4CVSS5.8AI score0.00564EPSS
Exploits1References4
Mageia
Mageia
•added 2026/01/27 6:20 p.m.•5 views

Updated iperf packages fix security vulnerabilities

In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow. CVE-2025-54349 In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. CVE-2025-54350...

10CVSS6.1AI score0.00398EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/26 8:3 p.m.•13 views

Updated kernel-linus packages fix security vulnerabilities

Vanilla upstream kernel version 6.6.120 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...

7.8CVSS6.1AI score0.00517EPSS
Exploits3References5
Mageia
Mageia
•added 2026/01/24 8:25 p.m.•9 views

Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities

Upstream kernel version 6.6.120 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel...

7.8CVSS5.5AI score0.00517EPSS
Exploits3References5
Mageia
Mageia
•added 2026/01/23 12:11 a.m.•8 views

Updated avahi packages fix security vulnerabilities

Avahi has a reachable assertion in avahiwideareascancache. CVE-2025-68276 Avahi has a reachable assertion in lookupmulticastcallback. CVE-2025-68468 Avahi has a reachable assertion in lookupstart. CVE-2025-68471...

6.5CVSS5.4AI score0.00353EPSS
Exploits1References3
Mageia
Mageia
•added 2026/01/23 12:11 a.m.•8 views

Updated harfbuzz packages fix security vulnerability

Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS. CVE-2026-22693...

5.3CVSS5.5AI score0.00377EPSS
Exploits1References3
Mageia
Mageia
•added 2026/01/20 3:25 a.m.•8 views

Updated nss & firefox packages fix security vulnerabilities

Mitigation bypass in the DOM: Security component. CVE-2026-0877 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics component. CVE-2026-0879 Sandbox escape due to integer...

9.8CVSS5.6AI score0.0057EPSS
Exploits0References4
Mageia
Mageia
•added 2026/01/20 3:25 a.m.•9 views

Updated thunderbird packages fix security vulnerabilities

Mitigation bypass in the DOM: Security component. CVE-2026-0877 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics component. CVE-2026-0879 Sandbox escape due to integer...

9.8CVSS5.6AI score0.0057EPSS
Exploits0References3
Mageia
Mageia
•added 2026/01/17 2:48 a.m.•11 views

Updated python-urllib3 packages fix security vulnerabilities

urllib3 allows an unbounded number of links in the decompression chain. CVE-2025-66418 urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects streaming API. CVE-2026-21441...

8.9CVSS7AI score0.02667EPSS
Exploits0References3
Mageia
Mageia
•added 2026/01/17 2:48 a.m.•14 views

Updated libpng packages fix security vulnerabilities

LIBPNG has a heap buffer over-read in pngimagereaddirectscaled regression from CVE-2025-65018 fix. CVE-2026-22695 LIBPNG has an integer truncation causing heap buffer over-read in pngimagewrite. CVE-2026-22801...

7.8CVSS7.3AI score0.00172EPSS
Exploits1References2
Mageia
Mageia
•added 2026/01/17 2:48 a.m.•11 views

Updated nodejs packages fix security vulnerabilities

Node.js HTTP/2 server crashes with unhandled error when receiving malformed HEADERS frame. CVE-2025-59465 Uncatchable "Maximum call stack size exceeded" error on Node.js via asynchooks leads to process crashes bypassing error handlers. CVE-2025-59466 Bypass File System Permissions using crafted...

9.1CVSS6.9AI score0.03782EPSS
Exploits2References3
Mageia
Mageia
•added 2026/01/17 2:48 a.m.•14 views

Updated gimp packages fix security vulnerabilities

XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. CVE-2025-2760 FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. CVE-2025-2761 Multiple heap buffer overflows in tga parser. CVE-2025-48797 Multiple use after free in xcf parser. CVE-2025-48798 XWD File...

7.8CVSS8.1AI score0.0715EPSS
Exploits1References5
Mageia
Mageia
•added 2026/01/14 5:31 p.m.•7 views

Updated net-snmp packages fix security vulnerability

Net-SNMP snmptrapd crash. CVE-2025-68615...

9.8CVSS7AI score0.4269EPSS
Exploits2References2
Mageia
Mageia
•added 2026/01/12 6:42 p.m.•12 views

Updated libtasn1 packages fix security vulnerability

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring. CVE-2025-13151...

7.5CVSS7.5AI score0.01109EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/11 1:7 a.m.•13 views

Updated zlib packages fix security vulnerability

zlib = 1.3.1.2 untgz Global Buffer Overflow in TGZfname. CVE-2026-22184...

8.6CVSS6.8AI score0.0035EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/10 5:7 a.m.•10 views

Updated wget2 packages fix security vulnerability

Arbitrary File Write via Metalink Path Traversal in GNU Wget2. CVE-2025-69194...

9.8CVSS7.1AI score0.00707EPSS
Exploits1References2
Mageia
Mageia
•added 2026/01/10 5:7 a.m.•8 views

Updated libpcap packages fix security vulnerability

OOBR and OOBW in pcapetheraton in libpcap. CVE-2025-11961...

1.9CVSS7AI score0.00098EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/10 5:7 a.m.•9 views

Updated curl packages fix security vulnerabilities

curl is susceptible to a number of low severity security vulnerabilities: CVE-2025-14524: bearer token leak on cross-protocol redirect CVE-2025-14819: OpenSSL partial chain store policy bypass CVE-2025-15079: libssh knownhosts file vulnerability CVE-2025-15224: libssh key passphrase bypass...

6.3CVSS6.8AI score0.00679EPSS
Exploits3References2
Mageia
Mageia
•added 2026/01/10 5:7 a.m.•7 views

Updated sodium packages fix security vulnerability

Libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. CVE-2025-69277...

4.5CVSS7AI score0.00166EPSS
Exploits0References2
Mageia
Mageia
•added 2026/01/02 9:20 p.m.•8 views

Updated cups packages fix bug & security vulnerabilities

cups has Authentication bypass with AuthType Negotiate. CVE-2025-58060 cups: Remote DoS via null dereference. CVE-2025-58364...

8CVSS7.1AI score0.01063EPSS
Exploits2References3
Mageia
Mageia
•added 2025/12/29 8:41 p.m.•8 views

Updated ceph packages fix security vulnerability

RGW DoS attack with empty HTTP header in S3 object copy. CVE-2024-47866...

7.5CVSS6.7AI score0.00399EPSS
Exploits1References3
Mageia
Mageia
•added 2025/12/29 8:41 p.m.•20 views

Updated ruby-rack packages fix security vulnerabilities

Unbounded-Parameter DoS in Rack::QueryParser. CVE-2025-46727 ReDoS Vulnerability in Rack::Multipart handlemimehead. CVE-2025-49007 Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon-separated parameters. CVE-2025-59830 Rack's unbounded multipart preamble buffering...

8.7CVSS6.9AI score0.00911EPSS
Exploits0References2
Mageia
Mageia
•added 2025/12/22 11:57 p.m.•8 views

Updated roundcubemail packages fix security vulnerabilities

Fix Cross-Site-Scripting vulnerability via SVG's animate tag reported by Valentin T., CrowdStrike. Fix Information Disclosure vulnerability in the HTML style sanitizer reported by somerandomdev...

7.5CVSS6.5AI score0.19769EPSS
Exploits1References2
Mageia
Mageia
•added 2025/12/21 4:11 a.m.•12 views

Updated php packages fix security vulnerabilities

Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...

8.2CVSS7.5AI score0.00573EPSS
Exploits4References2
Mageia
Mageia
•added 2025/12/21 4:11 a.m.•7 views

Updated webkit2 packages fix security vulnerabilities

CVE-2025-43501 Processing maliciously crafted web content may lead to an unexpected process crash. Description: A buffer overflow issue was addressed with improved memory handling. VE-2025-43531Processing maliciously crafted web content may lead to an unexpected process crash. Description: A race...

4.3CVSS7.1AI score0.0077EPSS
Exploits0References3
Mageia
Mageia
•added 2025/12/15 8:6 p.m.•10 views

Updated ffmpeg packages fix security vulnerabilities

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed...

7.9AI score
Exploits0References2
Mageia
Mageia
•added 2025/12/15 8:6 p.m.•9 views

Updated nspr, nss & firefox packages fix security vulnerabilities

Use-after-free in the WebRTC: Signaling component. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2025-14322 Privilege escalation in the DOM: Notifications component. CVE-2025-14323 JIT miscompilation in the JavaScript Engine: JIT...

9.8CVSS7.8AI score0.00517EPSS
Exploits2References9
Mageia
Mageia
•added 2025/12/15 8:6 p.m.•7 views

Updated thunderbird packages fix security vulnerabilities

Use-after-free in the WebRTC: Signaling component. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2025-14322 Privilege escalation in the DOM: Notifications component. CVE-2025-14323 IT miscompilation in the JavaScript Engine: JIT...

9.8CVSS7.8AI score0.00517EPSS
Exploits2References3
Mageia
Mageia
•added 2025/12/13 4:45 a.m.•7 views

Updated golang packages fix security vulnerabilities

Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509. CVE-2025-61727 Excessive resource consumption when printing error string for host certificate validation in crypto/x509. CVE-2025-61729...

7.5CVSS7AI score0.00459EPSS
Exploits2References2
Mageia
Mageia
•added 2025/12/09 7:12 p.m.•8 views

Updated python3 packages fix security vulnerabilities

Excessive read buffering DoS in http.client. CVE-2025-13836 Out-of-memory when loading Plist. CVE-2025-13837 Quadratic complexity in node ID cache clearing. CVE-2025-12084...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References2
Mageia
Mageia
•added 2025/12/09 7:12 p.m.•9 views

Updated webkit2 packages fix security vulnerabilities

A website may be able to exfiltrate sensitive system information. Description: The issue was addressed through improved state checks - CVE-2025-13947. Processing maliciously crafted web content may lead to an unexpected process crash. Description: Multiple issues were addressed by disabling array...

8.8CVSS6.8AI score0.0059EPSS
Exploits0References3
Mageia
Mageia
•added 2025/12/08 6:36 p.m.•19 views

Updated apache packages fix security vulnerabilities

Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...

8.3CVSS7AI score0.01527EPSS
Exploits0References5
Mageia
Mageia
•added 2025/12/08 6:36 p.m.•8 views

Updated libpng packages fix security vulnerability

LIBPNG has an out-of-bounds read in pngimagereadcomposite. CVE-2025-66293...

7.1CVSS7AI score0.00299EPSS
Exploits2References2
Total number of security vulnerabilities6009