6.6AI Score
0.0004EPSS
[SECURITY] [DLA 3821-1] libreoffice security update
Debian LTS Advisory DLA-3821-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 26, 2024 https://wiki.debian.org/LTS Package : libreoffice Version : 1:6.1.5-3+deb10u12 CVE...
6.5AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
[2024.3-3] - Backport https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 Resolves: #RHEL-31852 [2024.3-2] - Backport https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 Resolves:...
6.2CVSS
7AI Score
0.0004EPSS
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.12.0esr-i686-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For...
7AI Score
0.0004EPSS
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
7.4CVSS
7.3AI Score
0.001EPSS
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
7.4CVSS
7.3AI Score
0.001EPSS
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
7.4CVSS
7.3AI Score
0.001EPSS
[2.34-100.0.1.2] - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E....
6.6AI Score
0.0005EPSS
[2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E....
6.7AI Score
0.0004EPSS
[9.2.10-16] - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313 - fix...
7.5CVSS
7.3AI Score
0.0005EPSS
[SECURITY] [DLA 3818-1] apache2 security update
Debian LTS Advisory DLA-3818-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 24, 2024 https://wiki.debian.org/LTS Package : apache2 Version : 2.4.59-1~deb10u1 CVE ID :...
7.5CVSS
7.9AI Score
0.01EPSS
Security Bulletin: IBM QRadar Suite software is vulnerable to cross-site scripting
Summary IBM QRadar Suite software is vulnerable to cross-site scripting in the Web UI. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...
5.4CVSS
6.2AI Score
0.0004EPSS
[4.10.0-62.3] - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 [4.10.0-62.2] - fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer Resolves: RHEL-35273 [4.10.0-62.1] - ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in gcp-vpc-move-route's stop-action Resolves:...
5.4CVSS
7.3AI Score
0.0004EPSS
6.5AI Score
0.945EPSS
[SECURITY] [DSA 5700-1] python-pymysql security update
Debian Security Advisory DSA-5700-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2024 https://www.debian.org/security/faq Package : python-pymysql CVE ID : CVE-2024-36039 An SQL...
7.2AI Score
0.0004EPSS
datadog/dd-trace is vulnerable to Security Bypass. The vulnerability is due to insufficient constraint on the ddtrace.request_init_hook by the open_basedir INI directive, which allows an attacker to bypass the open_basedir INI...
7AI Score
[SECURITY] [DLA 3820-1] bluez security update
Debian LTS Advisory DLA-3820-1 [email protected] https://www.debian.org/lts/security/ Arturo Borrero Gonzalez May 25, 2024 https://wiki.debian.org/LTS Package : bluez Version : 5.50-1.2~deb10u5 CVE ID :...
7.1CVSS
6.9AI Score
0.001EPSS
[3.6.8-62.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-62] - Security fix for CVE-2024-0450 Resolves: RHEL-33683 [3.6.8-61] - Security fix for CVE-2023-6597 Resolves: RHEL-33671 [3.6.8-60] - Fix build with expat with fixed CVE-2023-52425 Related:...
7.8CVSS
7.1AI Score
0.0005EPSS
[1.18.2-27.0.1] - Fixed race condition in krb5_set_password() [Orabug: 33609767] [1.18.2-27] - Fix memory leak in GSSAPI interface Resolves: RHEL-27250 - Fix memory leak in PMAP RPC interface Resolves: RHEL-27244 - Make TCP waiting time configurable Resolves:...
6.5AI Score
0.0004EPSS
[SECURITY] [DLA 3819-1] fossil security update
Debian LTS Advisory DLA-3819-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 25, 2024 https://wiki.debian.org/LTS Package : fossil Version : 1:2.8-1+deb10u1 CVE ID :...
6.5AI Score
0.0004EPSS
[2.9.4-3.0.1] - Restore default debug level for sss_cache [Orabug: 32810448] [2.9.4-3] - Resolves: RHEL-27205 - Race condition during authorization leads to GPO policies functioning...
7.1CVSS
6.9AI Score
0.0004EPSS
Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fix(es): cockpit: command injection when deleting a sosreport with a...
7.3CVSS
7.5AI Score
0.0004EPSS
Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities
Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details ** CVEID: CVE-2023-26119 DESCRIPTION:...
9.8CVSS
10AI Score
0.164EPSS
[2.28-251.0.2.1] - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E....
7AI Score
0.0005EPSS
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input ">alert(document.domain) leads to cross....
6.1CVSS
5.8AI Score
0.005EPSS
Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary...
6.1CVSS
6.8AI Score
0.001EPSS
When running in prototype mode, the h2 webconsole module (accessible from the Prototype menu) is automatically made available with the ability to directly query the database. It was felt that it is safer to require the developer to explicitly enable this capability. As of 2.0.0-M8, this can now be....
5.3CVSS
5.3AI Score
0.001EPSS
[SECURITY] [DSA 5699-1] redmine security update
Debian Security Advisory DSA-5699-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2024 https://www.debian.org/security/faq Package : redmine CVE ID : CVE-2023-47258 CVE-2023-47259...
6.1CVSS
6.6AI Score
0.0005EPSS
[SECURITY] [DSA 5697-1] chromium security update
Debian Security Advisory DSA-5697-1 [email protected] https://www.debian.org/security/ Andres Salomon May 24, 2024 https://www.debian.org/security/faq Package : chromium CVE ID : CVE-2024-5274 A security issue...
8.8CVSS
6.7AI Score
0.003EPSS
Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69451 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals...
7.1AI Score
7.2AI Score
0.0004EPSS
Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fix(es): cockpit: command injection when deleting a sosreport with a...
7.3CVSS
7.4AI Score
0.0004EPSS
6.4AI Score
0.0004EPSS
[SECURITY] [DSA 5702-1] gst-plugins-base1.0 security update
Debian Security Advisory DSA-5702-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 01, 2024 https://www.debian.org/security/faq Package : gst-plugins-base1.0 CVE ID : CVE-2024-4453 An...
7.8CVSS
7.4AI Score
0.0004EPSS
[SECURITY] [DLA 3824-1] gst-plugins-base1.0 security update
Debian LTS Advisory DLA-3824-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk May 30, 2024 https://wiki.debian.org/LTS Package : gst-plugins-base1.0 Version : 1.14.4-2+deb10u3 CVE...
7.8CVSS
6.7AI Score
0.0004EPSS
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): libxml2: use-after-free in XMLReader (CVE-2024-25062) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...
7.5CVSS
8.7AI Score
0.0005EPSS
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): libxml2: use-after-free in XMLReader (CVE-2024-25062) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...
7.5CVSS
7.8AI Score
0.0005EPSS
@workos-inc/authkit-nextjs vulnerable to Session Fixation. This vulnerability is due to the improper handling of expired sessions within session.ts. This allowing an attacker to reuse an expired session by controlling the x-workos-session...
4.8CVSS
6.8AI Score
0.0004EPSS
[SECURITY] [DLA 3822-1] python-pymysql security update
Debian LTS Advisory DLA-3822-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 27, 2024 https://wiki.debian.org/LTS Package : python-pymysql Version : 0.9.3-1+deb10u1 CVE...
7.7AI Score
0.0004EPSS
7.1CVSS
6.7AI Score
0.001EPSS
[7.2.0-11.el9] - vfio/migration: Add a note about migration rate limiting (Avihai Horon) [Orabug: 36329758] - vfio/migration: Refactor vfio_save_state() return value (Avihai Horon) [Orabug: 36329758] - migration: Don't serialize devices in qemu_savevm_state_iterate() (Avihai Horon) [Orabug:...
8.2CVSS
7AI Score
0.001EPSS
Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69307 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals...
7.1AI Score
Security Bulletin: Updating Java in Identity Insight 10.0.0.0 for security update
Summary Identity Insight customers are advised to update OpenJDK 17 to version 17.0.11.0 for the security update in Java. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) | Version(s) ---|--- IBM...
7.5CVSS
6.8AI Score
EPSS
[SECURITY] [DSA 5695-1] webkit2gtk security update
Debian Security Advisory DSA-5695-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 22, 2024 https://www.debian.org/security/faq Package : webkit2gtk CVE ID : CVE-2024-27834 The following...
7.1AI Score
0.0005EPSS
[SECURITY] [DSA 5696-1] chromium security update
Debian Security Advisory DSA-5696-1 [email protected] https://www.debian.org/security/ Andres Salomon May 22, 2024 https://www.debian.org/security/faq Package : chromium CVE ID : CVE-2024-5157 CVE-2024-5158...
7.7AI Score
0.0004EPSS
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or...
7.5CVSS
7.5AI Score
0.024EPSS
Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66357 Crash type: Security exception Crash state: com.github.javaparser.ast.validator.TreeVisitorValidator.accept com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel...
7.1AI Score
Security exception in com.github.javaparser.CommentsInserter.insertComments
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67850 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals...
7.1AI Score
Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67558 Crash type: Security exception Crash state: com.github.javaparser.ast.validator.TreeVisitorValidator.accept com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel...
7.1AI Score