⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Drafts

Create draft to convert the suggestion into a draft security issue that can be edited before publishing.

Dismiss to remove a suggestion from the queue.

CVE-2024-8443
2.9 LOW
  • CVSS version: 3.1
  • Attack vector (AV): PHYSICAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @LeSuisse Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @LeSuisse accepted as draft 8 months, 2 weeks ago
Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution.

opensc
<0.26.0

pkgs.opensc

Set of libraries and utilities to access smart cards
Package maintainers: 1
CVE-2024-48896
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @LeSuisse Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @LeSuisse accepted as draft 8 months, 2 weeks ago
Moodle: users' names returned in messaging error message

A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.

moodle
<4.1.14
<4.2.11
<4.4.4
<4.1.0
<4.3.8

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP
Package maintainers: 1
CVE-2024-48898
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Moodle: some users can delete audiences of other reports

A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.

moodle
<4.1.14
<4.2.11
<4.4.4
<4.1.0
<4.3.8

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP
Package maintainers: 1
CVE-2024-48900
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Moodle: idor when accessing list of badge recipients

A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to.

moodle
<4.4.4

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP
Package maintainers: 1
CVE-2024-48901
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Moodle: idor when fetching report schedules

A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.

moodle
<4.1.14
<4.2.11
<4.4.4
<4.1.0
<4.3.8

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP
Package maintainers: 1
CVE-2024-52616
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @Erethon accepted as draft 8 months, 2 weeks ago
  • @Erethon dismissed 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Avahi: avahi wide-area dns predictable transaction ids

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

avahi
*
<0.9
rhcos
CVE-2024-8612
3.8 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Qemu-kvm: information leak in virtio devices

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.

qemu
*
qemu-kvm
qemu-kvm-ma
virt:av/qemu-kvm
virt:rhel/qemu-kvm

pkgs.qemu

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A
Package maintainers: 5
CVE-2024-48899
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 8 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @fricklerhandwerk accepted as draft 8 months, 2 weeks ago
Moodle: idor when accessing list of course badges

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.

moodle
<4.4.4

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP
Package maintainers: 1
CVE-2024-10492
updated 8 months, 2 weeks ago by @ANONYMOUS Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @ANONYMOUS dismissed 8 months, 2 weeks ago
  • @ANONYMOUS marked as untriaged 8 months, 2 weeks ago
  • @ANONYMOUS accepted as draft 8 months, 2 weeks ago
Keycloak-quarkus-server: keycloak path trasversal

A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high access to the Keycloak server in order to perform resource creation, for example, an LDAP provider configuration and set up a Vault read file, which will only inform whether that file exists or not.

keycloak
<26.0.6
rhbk/keycloak-rhel9
*
rhbk/keycloak-rhel9-operator
*
rhbk/keycloak-operator-bundle
*
org.keycloak/keycloak-quarkus-server
CVE-2024-9632
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 8 months, 2 weeks ago by @Erethon Activity log
  • Created automatic suggestion 8 months, 2 weeks ago
  • @Erethon accepted as draft 8 months, 2 weeks ago
Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.

tigervnc
*
xorg-server
<21.1.14
xorg-x11-server
*
xorg-x11-server-Xwayland
*