Dream Security Co.,Ltd Security Vulnerabilities

oraclelinux

python3.9 security update

[3.9.18-3.1] - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33887,...

7.8CVSS

7.8AI Score

0.0005EPSS

2024-06-25 12:00 AM
2
oraclelinux

flatpak security update

[1.12.9-1] - Update to 1.12.9...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
3
cve

CVE-2017-20013

A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has been disclosed to the public and may be used. NOTE: This...

5.5CVSS

5.3AI Score

0.0004EPSS

2022-03-28 09:15 PM
20
osv

roundcube - security update

Bulletin has no...

6.7AI Score

0.0004EPSS

2024-06-18 12:00 AM
2
osv

putty - security update

Bulletin has no...

5.9CVSS

7.2AI Score

0.002EPSS

2024-06-20 12:00 AM
debian

[SECURITY] [DSA 5707-1] vlc security update

Debian Security Advisory DSA-5707-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2024 https://www.debian.org/security/faq Package : vlc CVE ID : not yet available A buffer overflow...

7.3AI Score

2024-06-11 06:22 PM
3
osv

php8.2 - security update

Bulletin has no...

5.3CVSS

7.2AI Score

0.001EPSS

2024-06-20 12:00 AM
1
cve

CVE-2017-20016

A vulnerability has been found in WEKA INTEREST Security Scanner up to 1.8 and classified as problematic. This vulnerability affects unknown code of the component Portscan. The manipulation with an unknown input leads to denial of service. The attack can be initiated remotely. The exploit has been....

7.5CVSS

7.5AI Score

0.008EPSS

2022-03-28 09:15 PM
24
cve

CVE-2023-32330

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: ...

9.8CVSS

9AI Score

0.001EPSS

2024-02-07 05:15 PM
24
ibm

Security Bulletin: Multiple Security Vulnerabilities discovered in IBM Security Directory Suite (CVE-2022-32753, CVE-2022-32751, CVE-2022-33165)

Summary Several vulnerabilities were fixed in the IBM Security Verify Directory Suite. Vulnerability Details ** CVEID: CVE-2022-32753 DESCRIPTION: **IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...

7.5CVSS

6.3AI Score

0.001EPSS

2024-05-01 11:29 PM
6
oraclelinux

glibc security update

[2.17-326.0.6.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthread_create stacks Reviewed-by: Jose E. Marchesi February-22-2023...

7.7AI Score

0.0005EPSS

2024-06-18 12:00 AM
5
osv

composer - security update

Bulletin has no...

8.8CVSS

6.7AI Score

0.0004EPSS

2024-06-19 12:00 AM
1
osv

thunderbird - security update

Bulletin has no...

6.6AI Score

0.0004EPSS

2024-06-15 12:00 AM
1
osv

chromium - security update

Bulletin has no...

8.8CVSS

6.8AI Score

0.001EPSS

2024-06-19 12:00 AM
2
osv

thunderbird - security update

Bulletin has no...

7.2AI Score

0.0004EPSS

2024-06-19 12:00 AM
alpinelinux

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have....

4.7CVSS

5.5AI Score

0.001EPSS

2019-09-10 05:15 PM
15
oraclelinux

firefox security update

[115.12.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [115.12.0-1] - Update to 115.12.0...

6.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
3
osv

libndp - security update

Bulletin has no...

8.1CVSS

7.2AI Score

0.0004EPSS

2024-06-16 12:00 AM
2
rocky

nghttp2 security update

An update is available for nghttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libnghttp2 is a library implementing the Hypertext Transfer Protocol version....

5.3CVSS

7AI Score

0.0004EPSS

2024-06-14 02:00 PM
5
rocky

glibc security update

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

7.8AI Score

0.0005EPSS

2024-06-14 02:00 PM
1
rocky

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged.....

6.8CVSS

6.5AI Score

0.0004EPSS

2024-06-14 01:59 PM
rocky

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the....

9.8CVSS

8.3AI Score

0.017EPSS

2024-06-14 01:59 PM
3
rocky

mutt security update

An update is available for mutt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mutt is a low resource, highly configurable, text-based MIME e-mail client....

6.5CVSS

6.5AI Score

0.001EPSS

2024-06-14 01:59 PM
1
rocky

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

7.5AI Score

0.0004EPSS

2024-06-14 01:59 PM
4
oraclelinux

thunderbird security update

[115.12.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0 build2 [115.12.0-1] - Update to 115.12.0...

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
oraclelinux

nghttp2 security update

[1.43.0-5.2] - fix CONTINUATION frames DoS (CVE-2024-28182,...

5.3CVSS

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
osv

org-mode - security update

Bulletin has no...

6.4AI Score

0.0004EPSS

2024-06-29 12:00 AM
1
osv

roundcube - security update

Bulletin has no...

6.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
2
osv

cups - security update

Bulletin has no...

4.4CVSS

7.2AI Score

0.0004EPSS

2024-06-13 12:00 AM
3
osv

php7.3 - security update

Bulletin has no...

5.3CVSS

5.3AI Score

0.001EPSS

2024-06-17 12:00 AM
osv

nano - security update

Bulletin has no...

4.7CVSS

6.8AI Score

0.0004EPSS

2024-06-17 12:00 AM
2
osv

unbound - security update

Bulletin has no...

6.8AI Score

0.0004EPSS

2024-06-17 12:00 AM
3
oraclelinux

firefox security update

[115.12.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.12.0-1] - Update to 115.12.0...

7AI Score

0.0004EPSS

2024-06-17 12:00 AM
2
oraclelinux

flatpak security update

[1.12.9-1] - Update to 1.12.9 (CVE-2024-32462) [1.12.8-1] - Rebase to 1.12.8 (RHEL-4220) [1.10.8-3] - Let flatpak own %{_sysconfdir}/flatpak...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
2
ibm

Security Bulletin: IBM QRadar SIEM on Azure Cloud deployed from Azure Marketplace is vulnerable to remote code execution (CVE-2024-21334)

Summary IBM QRadar SIEM on Azure Cloud deployed from Azure Marketplace is vulnerable to a remote code execution issue found within the Microsoft Open Management Infrastructure (OMI). The information below shows how to remove this vulnerable component. Vulnerability Details ** CVEID:...

9.8CVSS

8AI Score

0.001EPSS

2024-05-01 01:09 PM
10
osv

sendmail - security update

Bulletin has no...

5.3CVSS

6.7AI Score

0.002EPSS

2024-06-15 12:00 AM
2
osv

libvpx - security update

Bulletin has no...

7.2AI Score

0.0004EPSS

2024-06-16 12:00 AM
3
debian

[SECURITY] [DLA 3825-1] firefox-esr security update

Debian LTS Advisory DLA-3825-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 13, 2024 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.12.0esr-1~deb10u1 CVE...

7.5AI Score

0.0004EPSS

2024-06-13 11:08 AM
3
oraclelinux

firefox security update

[115.12.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [115.12.0-1] - Update to 115.12.0...

6.8AI Score

0.0004EPSS

2024-06-17 12:00 AM
2
oraclelinux

glibc security update

[2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 ...

7.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
4
osv

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.002EPSS

2024-06-25 12:00 AM
3
oraclelinux

virt:kvm_utils1 security update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt [5.7.0-42] - Document CVEs as fixed (Karl Heubaum) {CVE-2023-2700} - Fix off-by-one error in udevListInterfacesByStatus (Martin Kletzander) [Orabug: 36364474] {CVE-2024-1441} - libvirt- : Check caller-provided buffers to be NULL with...

5.5CVSS

7.2AI Score

0.0004EPSS

2024-06-13 12:00 AM
1
oraclelinux

ruby security update

[3.0.7-162] - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves: RHEL-35743 - Fix buffer overread vulnerability in StringIO. Resolves:...

8.8CVSS

7.6AI Score

EPSS

2024-06-13 12:00 AM
osv

Security exception in com.github.javaparser.CommentsInserter.insertComments

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67850 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals...

7.1AI Score

2024-04-10 12:06 AM
7
osv

Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67558 Crash type: Security exception Crash state: com.github.javaparser.ast.validator.TreeVisitorValidator.accept com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel...

7.1AI Score

2024-03-24 12:14 AM
3
oraclelinux

flatpak security update

[1.0.9-13] - Fix...

8.4CVSS

6.9AI Score

0.0004EPSS

2024-06-18 12:00 AM
3
almalinux

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-06-24 12:00 AM
2
almalinux

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

7.1AI Score

0.0004EPSS

2024-06-23 12:00 AM
2
rocky

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This...

8AI Score

0.0004EPSS

2024-06-14 02:00 PM
2
rocky

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.2AI Score

0.001EPSS

2024-06-14 02:00 PM
2
Total number of security vulnerabilities: 2549189