Lucene search

K

Armoury Crate & Aura Creator Installer (ROG Live Service) Security Vulnerabilities

openvas
openvas

Ubuntu: Security Advisory (USN-6818-2)

The remote host is missing an update for...

7.8CVSS

8.8AI Score

0.001EPSS

2024-06-11 12:00 AM
4
cvelist
cvelist

CVE-2024-34406

Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep...

0.0004EPSS

2024-06-11 12:00 AM
openvas
openvas

Unbound DNS <= 1.19.3 DoS Amplification Vulnerability (DNSBomb)

Unbound DNS is prone to a denial of service (DoS) amplification vulnerability (aka...

7.2AI Score

0.0004EPSS

2024-06-11 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6821-2)

The remote host is missing an update for...

8CVSS

8AI Score

0.0004EPSS

2024-06-11 12:00 AM
2
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-idna (SUSE-SU-2024:1939-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1939-1 advisory. - CVE-2024-3651: Fixed a denial of service via resource consumption through specially crafted...

7.5AI Score

EPSS

2024-06-11 12:00 AM
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2024:1971-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1971-1 advisory. - CVE-2024-34088: Fixed null pointer via get_edge() function can trigger a denial of service (bsc#1223786). -...

8.2AI Score

0.0004EPSS

2024-06-11 12:00 AM
vulnrichment
vulnrichment

CVE-2024-34406

Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep...

6.8AI Score

0.0004EPSS

2024-06-11 12:00 AM
nessus
nessus

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : LibTIFF vulnerability (USN-6827-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6827-1 advisory. It was discovered that LibTIFF incorrectly handled memory when performing certain cropping...

5.5CVSS

8.6AI Score

0.0004EPSS

2024-06-11 12:00 AM
nessus
nessus

Debian dsa-5708 : cyrus-admin - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5708 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5708-1 [email protected] ...

6.5CVSS

6.7AI Score

0.0005EPSS

2024-06-11 12:00 AM
nessus
nessus

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6820-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6820-2 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....

8CVSS

10AI Score

0.0004EPSS

2024-06-11 12:00 AM
nessus
nessus

KB5039213: Windows 11 version 21H2 Security Update (June 2024)

The remote Windows host is missing security update 5039213. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

9.8CVSS

8.7AI Score

0.003EPSS

2024-06-11 12:00 AM
4
nessus
nessus

KB5039227: Windows 2022 / Azure Stack HCI 22H2 Security Update (June 2024)

The remote Windows host is missing security update 5039227. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

9.8CVSS

7.5AI Score

0.003EPSS

2024-06-11 12:00 AM
1
nessus
nessus

KB5039214: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2024)

The remote Windows host is missing security update 5039214. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

9.8CVSS

7.8AI Score

0.003EPSS

2024-06-11 12:00 AM
2
nessus
nessus

KB5039260: Windows Server 2012 Security Update (June 2024)

The remote Windows host is missing security update 5039260. It is, therefore, affected by multiple vulnerabilities Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability (CVE-2024-30080) DHCP Server Service Denial of Service Vulnerability (CVE-2024-30070) Windows OLE Remote...

9.8CVSS

8AI Score

0.003EPSS

2024-06-11 12:00 AM
4
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:1961-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1961-1 advisory. - CVE-2024-33427: Fixed possible buffer overread that could have led to a denial-of-service (bsc#1225417). Tenable has...

7.1AI Score

EPSS

2024-06-11 12:00 AM
nessus
nessus

CentOS 9 : openssl-3.2.2-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.2.2-1.el9 build changelog. Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact...

7.4AI Score

EPSS

2024-06-11 12:00 AM
nessus
nessus

Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6828-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6828-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

8CVSS

8.9AI Score

EPSS

2024-06-11 12:00 AM
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6821-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-3 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free...

8CVSS

8.6AI Score

0.0004EPSS

2024-06-11 12:00 AM
kaspersky
kaspersky

KLA68914 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: A denial of service vulnerability in DNS...

9.8CVSS

10AI Score

0.003EPSS

2024-06-11 12:00 AM
11
kaspersky
kaspersky

KLA68915 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in...

9.8CVSS

10AI Score

0.003EPSS

2024-06-11 12:00 AM
9
packetstorm

6.6CVSS

7AI Score

0.001EPSS

2024-06-11 12:00 AM
54
androidsecurity
androidsecurity

Pixel Watch Security Bulletin—June 2024

The Pixel Watch Security Bulletin contains details of security vulnerabilities affecting Pixel Watch devices (Google Devices). For Google devices, security patch levels of 2024-06-05 or later address all applicable issues in the June 2024 Android Security Bulletin and all issues in this bulletin......

8.4AI Score

2024-06-11 12:00 AM
8
ibm
ibm

Security Bulletin: Updating Java in Identity Insight 9.0.0.1 for security update

Summary Identity Insight customers are advised to update OpenJDK 8 to version 8.0.412 for the security update in Java. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) | Version(s) ---|--- IBM...

7.5CVSS

6.8AI Score

EPSS

2024-06-10 10:53 PM
15
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty Profile affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation. IBM MQ is used by IBM Robotic Process Automation as part of UMS and as an application server for container deployments. This bulletin identifies the security fixes to apply to address the vulnerability. ...

7.5CVSS

8.2AI Score

0.732EPSS

2024-06-10 10:49 PM
3
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation. IBM MQ is used by IBM Robotic Process Automation for message queueing. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-26159 DESCRIPTION:...

7.5CVSS

9.4AI Score

0.732EPSS

2024-06-10 10:47 PM
5
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM MQ affect IBM Robotic Process Automation. IBM MQ is used by IBM Robotic Process Automation for message queueing. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-5072 DESCRIPTION:...

7.5CVSS

7.5AI Score

0.001EPSS

2024-06-10 10:46 PM
2
cve
cve

CVE-2024-37289

An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS

7.2AI Score

0.0005EPSS

2024-06-10 10:15 PM
22
cve
cve

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...

5.3CVSS

6.9AI Score

0.0005EPSS

2024-06-10 10:15 PM
24
nvd
nvd

CVE-2024-36307

A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

4.7CVSS

0.0005EPSS

2024-06-10 10:15 PM
4
nvd
nvd

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...

5.3CVSS

0.0005EPSS

2024-06-10 10:15 PM
4
cve
cve

CVE-2024-36307

A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

4.7CVSS

6.5AI Score

0.0005EPSS

2024-06-10 10:15 PM
24
nvd
nvd

CVE-2024-36304

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...

7.8CVSS

0.0005EPSS

2024-06-10 10:15 PM
6
cve
cve

CVE-2024-36303

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS

7.2AI Score

0.0005EPSS

2024-06-10 10:15 PM
23
cve
cve

CVE-2024-36306

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

6.1CVSS

7AI Score

0.0005EPSS

2024-06-10 10:15 PM
25
cve
cve

CVE-2024-36304

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...

7.8CVSS

7.2AI Score

0.0005EPSS

2024-06-10 10:15 PM
22
nvd
nvd

CVE-2024-36306

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

6.1CVSS

0.0005EPSS

2024-06-10 10:15 PM
5
cve
cve

CVE-2024-36302

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS

7.2AI Score

0.0005EPSS

2024-06-10 10:15 PM
22
cve
cve

CVE-2024-36305

A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS

7.2AI Score

0.0005EPSS

2024-06-10 10:15 PM
22
cvelist
cvelist

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...

5.3CVSS

0.0005EPSS

2024-06-10 09:22 PM
2
vulnrichment
vulnrichment

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of...

5.3CVSS

7.1AI Score

0.0005EPSS

2024-06-10 09:22 PM
vulnrichment
vulnrichment

CVE-2024-36307

A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

4.7CVSS

6.5AI Score

0.0005EPSS

2024-06-10 09:21 PM
cvelist
cvelist

CVE-2024-36307

A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

4.7CVSS

0.0005EPSS

2024-06-10 09:21 PM
2
vulnrichment
vulnrichment

CVE-2024-36306

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

6.1CVSS

7AI Score

0.0005EPSS

2024-06-10 09:21 PM
cvelist
cvelist

CVE-2024-36306

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

6.1CVSS

0.0005EPSS

2024-06-10 09:21 PM
2
cvelist
cvelist

CVE-2024-36304

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...

7.8CVSS

0.0005EPSS

2024-06-10 09:21 PM
6
vulnrichment
vulnrichment

CVE-2024-36304

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...

7.8CVSS

7.4AI Score

0.0005EPSS

2024-06-10 09:21 PM
ibm
ibm

Security Bulletin: Vulnerable netty classes from couchdb affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary There are vulnerabilities in netty classes from couchdb clouseau jar file included in IBM Knowledge Catalog. Vulnerability Details ** CVEID: CVE-2019-20444 DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...

9.1CVSS

9.2AI Score

0.012EPSS

2024-06-10 09:17 PM
3
nvd
nvd

CVE-2024-27812

The issue was addressed with improvements to the file handling protocol. This issue is fixed in visionOS 1.2. Processing web content may lead to a...

0.0004EPSS

2024-06-10 09:15 PM
5
cve
cve

CVE-2024-27812

The issue was addressed with improvements to the file handling protocol. This issue is fixed in visionOS 1.2. Processing web content may lead to a...

6.4AI Score

0.0004EPSS

2024-06-10 09:15 PM
24
nvd
nvd

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a...

0.0005EPSS

2024-06-10 09:15 PM
1
Total number of security vulnerabilities481401