libreoffice security fix update
[6.4.7.2-16.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. [1:6.4.7.2-16] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target...
CVSS: 8.8, AI Score: 6.6, EPSS: 0.001
Ubuntu 20.04 LTS / 22.04 LTS : matio vulnerability (USN-6829-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6829-1 advisory. It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. ...
CVSS: 5.5, AI Score: 5.7, EPSS: 0.001
Dell Client BIOS Incorrect Authorization (DSA-2024-122)
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS. Note that Nessus has not tested for this issue but has instead relied.....
CVSS: 6.8, AI Score: 6.7, EPSS: 0.0004
Debian DSA-4380-1 : golang-1.8 - security update
A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...
CVSS: 8.8, AI Score: 7.8, EPSS: 0.379
Debian DSA-4382-1 : rssh - security update
Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...
CVSS: 9.8, AI Score: 9.8, EPSS: 0.019
Debian DSA-4399-1 : ikiwiki - security update
Joey Hess discovered that the aggregate plugin of the Ikiwiki wiki compiler was susceptible to server-side request forgery, resulting in information disclosure or denial of...
CVSS: 7.5, AI Score: 7.4, EPSS: 0.003
Transient DOS due to reachable assertion in modem while processing sib with incorrect values from...
CVSS: 7.5, AI Score: 7.4, EPSS: 0.001
Ubuntu 18.10 : libsolv vulnerabilities (USN-3916-1)
It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service. Note that Tenable Network Security has extracted....
CVSS: 6.5, AI Score: 6.9, EPSS: 0.005
Debian DLA-1656-1 : agg security update
A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the desmume and exactimage packages were rebuilt against the latest security update. For...
CVSS: 8.8, AI Score: 9, EPSS: 0.003
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
CVSS: 9.3, AI Score: 9.2, EPSS: 0.0004
Debian DSA-4379-1 : golang-1.7 - security update
A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes a vulnerability in 'go get', which could result in the execution of arbitrary shell...
CVSS: 8.8, AI Score: 8.5, EPSS: 0.379
Ubuntu 20.04 LTS : Git vulnerability (USN-6793-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6793-2 advisory. USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It...
CVSS: 9, AI Score: 9.6, EPSS: 0.002
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Ruby vulnerabilities (USN-6838-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6838-1 advisory. It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked...
AI Score: 8.1
Android App "TP-Link Tether" and "TP-Link Tapo" provided by TP-LINK GLOBAL INC. are vulnerable to improper server certificate verification (CWE-295). ## Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. ## Solution Update the application Update the....
AI Score: 6.8, EPSS: 0.0004
ghostscript-CVE-2023-43115 A small write-up with examples to...
CVSS: 8.8, AI Score: 6.5, EPSS: 0.002
Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6573-1)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6573-1 advisory. A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num...
CVSS: 8.8, AI Score: 8.7, EPSS: 0.024
GLSA-202406-02 : Flatpak: Sandbox Escape
The remote host is affected by the vulnerability described in GLSA-202406-02 (Flatpak: Sandbox Escape) A vulnerability has been discovered in Flatpak. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo...
CVSS: 8.4, AI Score: 7.1, EPSS: 0.0004
Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)
The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...
CVSS: 7.5, AI Score: 7.7, EPSS: 0.001
KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...
AI Score: 6.8
Debian DSA-4375-1 : spice - security update
Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary...
CVSS: 7.5, AI Score: 7.8, EPSS: 0.003
Debian DSA-4372-1 : ghostscript - security update
Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being...
CVSS: 7.8, AI Score: 8, EPSS: 0.017