Lucene search

K

BD Pyxis™ MedStation™ ES Security Vulnerabilities

rocky
rocky

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

7.5AI Score

0.0004EPSS

2024-06-14 01:59 PM
3
rocky
rocky

gdk-pixbuf2 security update

An update is available for gdk-pixbuf2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gdk-pixbuf2 packages provide an image loading library that can be...

7.8CVSS

7.1AI Score

0.001EPSS

2024-06-14 01:59 PM
1
osv
osv

Moderate: squashfs-tools security update

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fix(es): squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) squashfs-tools: possible Directory...

8.1CVSS

6.7AI Score

0.009EPSS

2024-06-14 01:59 PM
rocky
rocky

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

5.3CVSS

7.2AI Score

0.001EPSS

2024-06-14 01:59 PM
osv
osv

Moderate: kernel update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340) kernel:...

7.8CVSS

7.7AI Score

0.001EPSS

2024-06-14 01:59 PM
3
rocky
rocky

traceroute security update

An update is available for traceroute. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The traceroute utility displays the route used by IP packets on their way....

5.5CVSS

6.6AI Score

0.0004EPSS

2024-06-14 01:59 PM
2
rocky
rocky

bind and dhcp security update

An update is available for dhcp, bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the...

7.5CVSS

7.8AI Score

0.05EPSS

2024-06-14 01:59 PM
2
rocky
rocky

gcc bug fix update

An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and...

7.3AI Score

2024-06-14 01:59 PM
1
rocky
rocky

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of.....

7AI Score

0.0004EPSS

2024-06-14 01:59 PM
1
osv
osv

Moderate: sssd security update

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...

7.1CVSS

7.1AI Score

0.0004EPSS

2024-06-14 01:59 PM
1
rocky
rocky

sssd security update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon (SSSD) service provides a set of daemons to....

7.1CVSS

7.2AI Score

0.0004EPSS

2024-06-14 01:59 PM
1
rocky
rocky

grub2 security update

An update is available for grub2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB),.....

7.8CVSS

7AI Score

0.001EPSS

2024-06-14 01:59 PM
1
redhatcve
redhatcve

CVE-2024-36968

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev to hci_conn to...

7AI Score

0.0004EPSS

2024-06-14 04:12 AM
1
nessus
nessus

AlmaLinux 9 : libreoffice (ALSA-2024:3835)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...

8.8CVSS

9.2AI Score

0.001EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Rocky Linux 8 : kernel (RLSA-2024:3138)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3138 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): For more details about the security issue(s),...

9.8CVSS

8AI Score

EPSS

2024-06-14 12:00 AM
5
nessus
nessus

Rocky Linux 9 : libreoffice (RLSA-2024:3835)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...

8.8CVSS

9.2AI Score

0.001EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:2950)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2950 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. ...

9.8CVSS

8.2AI Score

EPSS

2024-06-14 12:00 AM
4
nessus
nessus

Rocky Linux 8 : glibc (RLSA-2024:3344)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3344 advisory. * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion ...

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : tomcat (RLSA-2024:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3666 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Rocky Linux 9 : glibc (RLSA-2024:3339)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory. * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache...

7.7AI Score

0.0005EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:3627)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3627 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...

7.8CVSS

9.3AI Score

0.001EPSS

2024-06-14 12:00 AM
4
nessus
nessus

Rocky Linux 9 : tomcat (RLSA-2024:3307)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3307 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
2
nessus
nessus

RHEL 9 : nghttp2 (RHSA-2024:3875)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3875 advisory. libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: CONTINUATION...

5.3CVSS

5.5AI Score

0.0004EPSS

2024-06-13 12:00 AM
3
nessus
nessus

RHEL 8 : dnsmasq (RHSA-2024:3929)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3929 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...

7.5CVSS

8.4AI Score

0.05EPSS

2024-06-13 12:00 AM
2
nessus
nessus

RHEL 8 : dnsmasq (RHSA-2024:3877)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3877 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...

7.5CVSS

8.2AI Score

0.05EPSS

2024-06-13 12:00 AM
3
nessus
nessus

RHEL 9 : expat (RHSA-2024:3926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3926 advisory. Expat is a C library for parsing XML documents. Security Fix(es): * expat: parsing large tokens can trigger a denial of service...

7.5CVSS

10AI Score

0.001EPSS

2024-06-13 12:00 AM
1
nessus
nessus

Debian dla-3825 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3825 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3825-1 [email protected] ...

7.6AI Score

0.0004EPSS

2024-06-13 12:00 AM
nessus
nessus

RHEL 8 / 9 : OpenShift Container Platform 4.14.29 (RHSA-2024:3700)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3700 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

8.1CVSS

7.3AI Score

0.0004EPSS

2024-06-13 12:00 AM
1
redhatcve
redhatcve

CVE-2024-36972

In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, and then if the socket...

6.6AI Score

0.0004EPSS

2024-06-12 12:47 AM
1
redhatcve
redhatcve

CVE-2023-52745

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to a....

6.7AI Score

0.0004EPSS

2024-06-12 12:27 AM
redhatcve
redhatcve

CVE-2023-52743

In the Linux kernel, the following vulnerability has been resolved: ice: Do not use WQ_MEM_RECLAIM flag for workqueue When both ice and the irdma driver are loaded, a warning in check_flush_dependency is being triggered. This is due to ice driver workqueue being allocated with the WQ_MEM_RECLAIM...

6.7AI Score

0.0004EPSS

2024-06-12 12:27 AM
nessus
nessus

RHEL 9 : gdk-pixbuf2 (RHSA-2024:3834)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3834 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 8 / 9 : OpenShift Container Platform 4.12.59 (RHSA-2024:3715)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3715 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

6.7AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 9 : 389-ds-base (RHSA-2024:3837)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3837 advisory. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol...

7.5CVSS

7.9AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 9 : libreoffice (RHSA-2024:3835)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3835 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

8.8CVSS

9.3AI Score

0.001EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 9 : buildah (RHSA-2024:3827)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3827 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

4.9CVSS

6AI Score

0.0005EPSS

2024-06-12 12:00 AM
2
nessus
nessus

RHEL 9 : rpm-ostree (RHSA-2024:3823)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3823 advisory. The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be...

6.2CVSS

6.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
2
nessus
nessus

Debian dsa-5709 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5709 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5709-1 [email protected] ...

7.2AI Score

0.0004EPSS

2024-06-12 12:00 AM
2
nessus
nessus

RHEL 8 : kernel (RHSA-2024:3810)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in...

7.8CVSS

7.6AI Score

EPSS

2024-06-12 12:00 AM
3
nessus
nessus

RHEL 9 : containernetworking-plugins (RHSA-2024:3831)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3831 advisory. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug- ins for configuring network interfaces...

5.6AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : cockpit (RHSA-2024:3843)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3843 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports,...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
oraclelinux
oraclelinux

libreoffice security update

[7.1.8.1-12.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Added the --with-hamcrest option to configure. [7.1.8.1] - Remove Red Hat branding - Change vendor to RESF [1:7.1.8.1-12] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols...

8.8CVSS

7AI Score

0.001EPSS

2024-06-12 12:00 AM
3
nessus
nessus

Oracle Linux 9 : libreoffice (ELSA-2024-3835)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3835 advisory. - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols - Resolves: rhbz#2210193 CVE-2023-0950 Array Index...

8.8CVSS

7.4AI Score

0.001EPSS

2024-06-12 12:00 AM
2
nessus
nessus

RHEL 9 : gvisor-tap-vsock (RHSA-2024:3830)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3830 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...

5.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 8 : tomcat (RHSA-2024:3814)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3814 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * Apache Tomcat:...

8AI Score

0.0004EPSS

2024-06-12 12:00 AM
2
nessus
nessus

RHEL 9 : ruby (RHSA-2024:3838)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3838 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.8CVSS

8.1AI Score

EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 8 : kernel (RHSA-2024:3859)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3859 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SEV-ES / SEV-SNP...

5.6CVSS

8.1AI Score

0.001EPSS

2024-06-12 12:00 AM
2
nessus
nessus

RHEL 9 : kernel-rt (RHSA-2024:3854)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3854 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 9 : python-idna (RHSA-2024:3846)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3846 advisory. The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture (HSA) Linux kernel driver (amdkfd). Security Fix(es): *...

7.5AI Score

EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 9 : fence-agents (RHSA-2024:3820)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3820 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

5.4CVSS

5.8AI Score

0.0004EPSS

2024-06-12 12:00 AM
2
Total number of security vulnerabilities52918