Lucene search

K

404 To 301 – Redirect, Log And Notify 404 Errors Security Vulnerabilities

spring
spring

Spring Tips: Further, Faster with Spring Boot 3.3

Hi, Spring fans! In this installment we look at ways to make your applications go further, faster, with AppCDS, GraalVM, AOT on the JRE, and Project CRaC (coordinate restore at checkpoint) springboot #java #graalvm #programming...

7.2AI Score

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1835)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This...

7.4AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
nessus
nessus

FreeBSD : chromium -- multiple security fixes (2b68c86a-32d5-11ef-8a0f-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2b68c86a-32d5-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...

7.1AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 8 : [23.0] Security update for the 23.0 (RPMs) (Low) (RHSA-2024:4081)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4081 advisory. The quarkus-mandrel-java and quarkus-mandrel-23 packages provide the GraalVM installation for the quarkus/mandrel-23-rhel8:23.0 container...

3.7CVSS

6.9AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : glusterfs (EulerOS-SA-2024-1833)

According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use- after-free.(CVE-2022-48340) Tenable...

7.5CVSS

7.8AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1829)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum...

9.8AI Score

0.0004EPSS

2024-06-25 12:00 AM
1
openvas
openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1816)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
1
openvas
openvas

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-1847)

The remote host is missing an update for the Huawei...

7.1CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
1
nessus
nessus

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1849)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

7.8CVSS

8AI Score

0.0005EPSS

2024-06-25 12:00 AM
1
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2173-1)

The remote host is missing an update for...

7.8CVSS

7.5AI Score

0.005EPSS

2024-06-25 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0236)

The remote host is missing an update for...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0233)

The remote host is missing an update for...

8.8CVSS

7.5AI Score

0.001EPSS

2024-06-25 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6845-1)

The remote host is missing an update for...

7.4CVSS

7.8AI Score

0.004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1818)

The remote host is missing an update for the Huawei...

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
cvelist
cvelist

CVE-2024-37820

A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via...

EPSS

2024-06-25 12:00 AM
cvelist
cvelist

CVE-2024-36819

MAP-OS 4.45.0 and earlier is vulnerable to Cross-Site Scripting (XSS). This vulnerability allows malicious users to insert a malicious payload into the "Client Name" input. When a service order from this client is created, the malicious payload is displayed on the administrator and employee...

EPSS

2024-06-25 12:00 AM
almalinux
almalinux

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1822)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1820)

The remote host is missing an update for the Huawei...

5.3CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1833)

The remote host is missing an update for the Huawei...

7.5CVSS

7.5AI Score

0.001EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for libyaml (EulerOS-SA-2024-1817)

The remote host is missing an update for the Huawei...

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1839)

The remote host is missing an update for the Huawei...

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2170-1)

The remote host is missing an update for...

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1813)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS,...

5.3CVSS

6.1AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : sssd (EulerOS-SA-2024-1826)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...

7.1CVSS

7.3AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1828)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

7.8CVSS

8AI Score

0.0005EPSS

2024-06-25 12:00 AM
wpvulndb
wpvulndb

WordPress < 6.5.5 - Contributor+ Stored XSS in Template-Part Block

Description WordPress does not properly escape the "tagName" attribute in the "Template Part block" allowing high-privileged users to perform Stored Cross-Site Scripting (XSS) attacks. PoC As a contributor, add a "Template Part" block to a post, click on "Start Blank" and then Create. Go into...

5.8AI Score

2024-06-25 12:00 AM
1
nessus
nessus

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-1811)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting...

8.6AI Score

0.0005EPSS

2024-06-25 12:00 AM
arista
arista

Security Advisory 0098

Security Advisory 0098 _._CSAF PDF Date: June 25, 2024 Revision | Date | Changes ---|---|--- 1.0 | June 25, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-4578 CVSSv3.1 Base Score: 8.4 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) Common Weakness Enumeration: CWE-77 Improper...

7AI Score

EPSS

2024-06-25 12:00 AM
nessus
nessus

PyTorch Detection

A PyTorch Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version...

7.4AI Score

2024-06-25 12:00 AM
1
nessus
nessus

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1825)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do...

6.8AI Score

EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 9 : python3.11 (RHSA-2024:4077)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4077 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

7.8CVSS

6.9AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 7 : kpatch-patch (RHSA-2024:4073)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4073 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

7.8CVSS

7.6AI Score

0.011EPSS

2024-06-25 12:00 AM
osv
osv

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
oraclelinux
oraclelinux

git security update

[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36402,...

9CVSS

9.4AI Score

0.001EPSS

2024-06-25 12:00 AM
oraclelinux
oraclelinux

git security update

[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36399,...

9CVSS

9.4AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : httpd (EulerOS-SA-2024-1836)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a...

7.5CVSS

8AI Score

0.005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : python-cryptography (EulerOS-SA-2024-1844)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS...

7.5CVSS

6.9AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : libyaml (EulerOS-SA-2024-1817)

According to the versions of the libyaml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function...

7.2AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2024-1840)

According to the versions of the mod_http2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a...

7.5CVSS

8AI Score

0.005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2185-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2185-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

9.8CVSS

8.2AI Score

0.005EPSS

2024-06-25 12:00 AM
nessus
nessus

AlmaLinux 8 : git (ALSA-2024:4084)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4084 advisory. * git: Recursive clones RCE (CVE-2024-32002) * git: RCE while cloning local repos (CVE-2024-32004) * git: additional local RCE (CVE-2024-32465) * git:...

9CVSS

9.5AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : httpd (EulerOS-SA-2024-1815)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a...

7.5CVSS

6.9AI Score

0.005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-1822)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and...

7.8CVSS

7.3AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : util-linux (EulerOS-SA-2024-1848)

According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals...

6.9AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2184-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...

7.8CVSS

8.5AI Score

0.001EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1837)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2024-1830)

The remote host is missing an update for the Huawei...

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2171-1)

The remote host is missing an update for...

7.3CVSS

7.5AI Score

0.003EPSS

2024-06-25 12:00 AM
Total number of security vulnerabilities3377746