Repo Status -
Overall Status
Page updated: 2024-11-17 04:20
| 2122735 | POST | low | CVE-2021-33456 yasm: NULL pointer dereference in hash() in modules/preprocs/nasm/nasm-pp.c [epel-all] |
| 2122737 | POST | low | CVE-2021-33457 yasm: NULL pointer dereference in expand_mmac_params() in modules/preprocs/nasm/nasm-pp.c [epel-all] |
| 2122739 | POST | low | CVE-2021-33459 yasm: NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c [epel-all] |
| 2264275 | NEW | unspecified | CVE-2023-46136 python-werkzeug: high resource consumption leading to denial of service [epel-9] |
| 2316315 | NEW | high | CVE-2024-25590 pdns: Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor [epel-all] |
| 2316316 | NEW | high | CVE-2024-25590 pdns-recursor: Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor [epel-all] |
| 2317099 | NEW | high | CVE-2024-43363 cacti: Remote code execution via Log Poisoning in Cacti [epel-9] |
| 2317102 | NEW | high | CVE-2024-43362 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9] |
| 2317106 | NEW | medium | CVE-2024-43364 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9] |
| 2317110 | NEW | medium | CVE-2024-43365 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9] |
| 2317490 | NEW | high | CVE-2024-45160 lemonldap-ng: From NVD collector [epel-9] |
| 2317756 | NEW | medium | CVE-2024-48933 lemonldap-ng: XSS/HTML Injection login page when user contains special characters [epel-9] |
| 2318146 | NEW | high | CVE-2024-8376 mosquitto: sending specific sequences of packets may trigger memory leak [epel-all] |
| 2319554 | NEW | medium | CVE-2024-44337 matterbridge: infinite loop via the paragraph function of parser/block.go [epel-all] |
| 2321496 | NEW | high | CVE-2024-3661 dhcpcd: DHCP routing options can manipulate interface-based VPN traffic [epel-all] |
| 2321555 | NEW | medium | CVE-2024-50383 botan2: compiler-induced side channel in lib/utils/donna128.h [epel-9] |
| 2321649 | NEW | medium | CVE-2024-50382 botan2: compiler-induced side channel in lib/utils/ghash/ghash.cpp [epel-9] |
| 2321667 | NEW | high | CVE-2024-48208 pure-ftpd: out of bounds read in the domlsd() function of ls.c [epel-9] |
| 2322188 | NEW | medium | CVE-2024-50614 tinyxml2: reachable assertion in GetCharacterRef() [epel-9] |
| 2322471 | NEW | high | CVE-2024-49769 python-waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion [epel-9] |
| 2322946 | NEW | high | CVE-2024-10525 mosquitto: heap buffer overflow in my_subscribe_callback [epel-9] |
| 2322981 | NEW | medium | CVE-2024-10573 SDL_sound: Buffer overflow when writin decoded PCM samples [epel-all] |
| 2322982 | NEW | medium | CVE-2024-10573 wine: Buffer overflow when writin decoded PCM samples [epel-all] |
| 2323265 | NEW | high | CVE-2024-44185 obs-studio-plugin-webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [epel-all] |
| 2323280 | NEW | high | CVE-2024-44244 obs-studio-plugin-webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [epel-all] |
| 2323293 | NEW | medium | CVE-2024-44296 obs-studio-plugin-webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced [epel-all] |
| 2323593 | NEW | urgent | CVE-2024-51774 qbittorrent: RCE Vulnerability in qBittorrent Due to Improper SSL/TLS Certificate Validation [epel-9] |
| 2325761 | NEW | high | CVE-2024-11110 chromium: Inappropriate implementation in Extensions [epel-all] |
| 2325763 | NEW | medium | CVE-2024-11111 chromium: Inappropriate implementation in Autofill [epel-all] |
| 2325765 | NEW | medium | CVE-2024-11113 chromium: Use after free in Accessibility [epel-all] |
| 2325767 | NEW | medium | CVE-2024-11116 chromium: Inappropriate implementation in Blink [epel-all] |
| 2325769 | NEW | low | CVE-2024-11117 chromium: Inappropriate implementation in FileSystem [epel-all] |
| 2326233 | MODIFIED | medium | CVE-2024-50306 trafficserver: Apache Traffic Server: Server process can fail to drop privilege [epel-9] |
| 2326238 | MODIFIED | high | CVE-2024-50305 trafficserver: Apache Traffic Server: Valid Host field value can cause crashes [epel-9] |
| 2326243 | MODIFIED | high | CVE-2024-38479 trafficserver: Apache Traffic Server: Cache key plugin is vulnerable to cache poisoning attack [epel-9] |
| 2326411 | NEW | medium | CVE-2024-11249 rust-zlib-rs: zlib-rs stack overflow during decompression with malicious input [epel-9] |
| 2326579 | NEW | medium | CVE-2024-52522 rclone: improper permission and ownership handling on symlink targets with --links and --metadata [epel-all] |