AI Trust Risk and Security Management: Why Tackle Them Now?
Co-authored by Sabeen Malik and Laura Ellis In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority. As AI technologies integrate more deeply into our daily operations and services, they bring a set of unique challenges...
7.6AI Score
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels.....
7.1AI Score
0.0004EPSS
BIT-cilium-operator-2023-39347
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels.....
7.1AI Score
0.0004EPSS
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in other....
7.1AI Score
0.0004EPSS
BIT-cilium-operator-2023-41333
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in other....
7.1AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if...
7.6AI Score
EulerOS Virtualization 2.11.1 : shim (EulerOS-SA-2024-1619)
According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an...
8.9AI Score
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1612)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
Unbreakable Enterprise kernel security update
[5.15.0-206.153.7] - mmc: core: Initialize mmc_blk_ioc_data (Mikko Rapeli) - ahci: asm1064: asm1166: don't limit reported ports (Conrad Kostecki) - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (Michael....
8.3AI Score
EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2024-1628)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.8AI Score
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1648-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory ...
7.3AI Score
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1619)
The remote host is missing an update for the Huawei...
7.5AI Score
0.008EPSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array...
7.4AI Score
K000139618: MySQL vulnerabilities CVE-2024-21054, CVE-2024-21009, CVE-2024-20993, and CVE-2024-21102
Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
5.7AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...
7.5AI Score
7.4CVSS
7.1AI Score
0.0004EPSS
Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux-hwe-5.15 - Linux hardware enablement (HWE) kernel linux-raspi - Linux kernel for Raspberry Pi systems Details It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action...
7.2AI Score
0.0005EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1641-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single...
7.6AI Score
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1631)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8)
The version of AOS installed on the remote host is prior to 6.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8 advisory. Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in...
8.7AI Score
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1639-1 advisory. redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an...
7.6AI Score
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1628)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2024-1638)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an...
8.9AI Score
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1638)
The remote host is missing an update for the Huawei...
7.5AI Score
0.008EPSS
EulerOS Virtualization 2.11.1 : libssh (EulerOS-SA-2024-1609)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.8AI Score
EulerOS Virtualization 2.11.0 : openssh (EulerOS-SA-2024-1631)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
8.3AI Score
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1629)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
EulerOS Virtualization 2.11.1 : python-paramiko (EulerOS-SA-2024-1616)
According to the versions of the python-paramiko package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows...
7.8AI Score
EulerOS Virtualization 2.11.0 : python-paramiko (EulerOS-SA-2024-1635)
According to the versions of the python-paramiko package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows...
7.8AI Score
K000139594: libxml2 vulnerability CVE-2022-40304
Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304). Impact This vulnerability allows a...
7.6AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1609)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
K000139617: MySQL vulnerabilities CVE-2024-21049, CVE-2024-21060, CVE-2024-21061, and CVE-2024-21069
Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...
5.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1610)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1616)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...
7.6AI Score
K000139615: Node.js vulnerability CVE-2024-27982
Security Advisory Description The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly,...
5.8AI Score
0.0004EPSS
K000139616: MySQL vulnerability CVE-2024-21051
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
5.7AI Score
0.0004EPSS
EulerOS Virtualization 2.11.0 : libssh2 (EulerOS-SA-2024-1629)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.8AI Score
EulerOS Virtualization 2.11.1 : libssh2 (EulerOS-SA-2024-1610)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.8AI Score
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-1 advisory. sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser...
7.8AI Score
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1635)
The remote host is missing an update for the Huawei...
7.1AI Score
0.962EPSS
EulerOS Virtualization 2.11.1 : openssh (EulerOS-SA-2024-1612)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
8.3AI Score
Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2024-2540)
The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.412.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2540 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
6.2AI Score
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating...
4.9CVSS
6.1AI Score
0.0004EPSS
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access...
5.3CVSS
7.3AI Score
0.0004EPSS
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...
5.3CVSS
7.3AI Score
0.0004EPSS
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...
5.3CVSS
6.9AI Score
0.0004EPSS
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access...
5.3CVSS
7.4AI Score
0.0004EPSS
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating...
7.2CVSS
8.2AI Score
0.0004EPSS
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected...
5.3CVSS
7.3AI Score
0.0004EPSS