Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in...
7.8CVSS
6.6AI Score
0.001EPSS
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2024. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An...
5.9CVSS
6.2AI Score
0.001EPSS
Summary A vulnerabilitiy in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVE-2024-3933 Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security...
5.3CVSS
6.7AI Score
0.0004EPSS
(RHSA-2024:3583) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.2 Security update
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.1, and includes bug fixes.....
6.1AI Score
0.001EPSS
(RHSA-2024:3581) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.2 Security update
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.1, and includes bug fixes.....
6.1AI Score
0.001EPSS
(RHSA-2024:3580) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.2 Security update
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.1, and includes bug fixes.....
6.1AI Score
0.001EPSS
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3581 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
7.2AI Score
0.001EPSS
6.5AI Score
0.0004EPSS
RHEL 7 : 389-ds-base (RHSA-2024:3591)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3591 advisory. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol...
7.5CVSS
7AI Score
0.0004EPSS
RHEL 7 : glibc (RHSA-2024:3588)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3588 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the...
8.9AI Score
0.0005EPSS
Email Subscribers by Icegram Express < 5.7.21 - Unauthenticated SQL Injection via hash
Description The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query....
9.8CVSS
9.6AI Score
0.001EPSS
Email Subscribers by Icegram Express < 5.7.21 - Unauthenticated SQL Injection via hash
Description The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query....
9.8CVSS
9.7AI Score
0.001EPSS
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3580 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
7.2AI Score
0.001EPSS
(RHSA-2024:3576) Low: Red Hat build of Keycloak 24.0.5 Images enhancement and security update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also...
6.6AI Score
0.0005EPSS
(RHSA-2024:3575) Low: Red Hat build of Keycloak 24.0.5 enhancement and security update
Red Hat build of Keycloak 24.0.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security Fix(es): * exposure of sensitive information in Pushed Authorization Requests (PAR)...
6.2AI Score
0.0004EPSS
(RHSA-2024:3574) Low: Red Hat build of Keycloak 22.0.11 enhancement and security update
Red Hat build of Keycloak 22.0.11 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat build of Keycloak 22.0.11 serves as a replacement for Red Hat Single...
6.2AI Score
0.0004EPSS
(RHSA-2024:3573) Low: Red Hat build of Keycloak 22.0.11 Images enhancement and security update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also...
6.7AI Score
0.001EPSS
(RHSA-2024:3572) Low: Red Hat Single Sign-On 7.6.9 security update
<< AUTOMATICALLY GENERATED, EDIT PLEASE >> Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 serves ...
6.3AI Score
0.0004EPSS
(RHSA-2024:3570) Low: Red Hat Single Sign-On 7.6.9 for OpenShift image enhancement update
Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage...
8.2AI Score
0.05EPSS
(RHSA-2024:3568) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 9
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 9 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
(RHSA-2024:3567) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 8
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 8 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
(RHSA-2024:3566) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 7
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 7 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
CVE-2024-24919 Nmap script to check vulnerability...
8.6CVSS
6.2AI Score
0.945EPSS
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or...
7.6AI Score
In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been ignored since at least....
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload The session resources are used by FW and driver when session is offloaded, once session is uploaded these resources are not used. The lock is not required as....
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported:...
5.5CVSS
6.5AI Score
0.0004EPSS
(RHSA-2024:3563) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...
5.9AI Score
0.002EPSS
(RHSA-2024:3561) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...
5.9AI Score
0.002EPSS
(RHSA-2024:3560) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...
5.9AI Score
0.002EPSS
(RHSA-2024:3559) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...
5.9AI Score
0.002EPSS
Microsoft is named a leader in the Forrester Wave for XDR
“Defenders think in lists, attackers think in graphs.”1 This remains a reality for the many organizations that operate across siloed security tools, fueling the demand on security operations (SOC) teams, as advanced cyberattacks continue to increase in frequency and speed. That’s where extended...
6.8AI Score
(RHSA-2024:3553) Important: nodejs : security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs/16: CONTINUATION frames DoS (CVE-2024-27983) For more details about the security issue(s), including the impact, a CVSS score,...
6.4AI Score
0.0004EPSS
(RHSA-2024:3552) Moderate: python-idna security and bug fix update
Security Fix(es): python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()...
6.3AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005...
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by.....
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked. [1]....
5.5CVSS
6.4AI Score
0.0004EPSS
IT threat evolution in Q1 2024. Mobile statistics
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Quarterly figures According to Kaspersky Security Network, in Q1 2024: 10.1 million attacks using malware, adware, or unwanted mobile software were blocked. The most...
7.9AI Score
IT threat evolution in Q1 2024. Non-mobile statistics
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly.....
6.9AI Score
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232...
6.5AI Score
0.0004EPSS
(RHSA-2024:3546) Moderate: ruby:3.1 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) ruby: Buffer overread vulnerability in StringIO...
5.7AI Score
EPSS
(RHSA-2024:3545) Important: nodejs security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs: HTTP Request Smuggling via Content Length Obfuscation (CVE-2024-27982) nodejs: CONTINUATION frames DoS (CVE-2024-27983) For more...
6.6AI Score
0.0004EPSS
(RHSA-2024:3544) Important: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs: CONTINUATION frames DoS (CVE-2024-27983) nodejs: nghttp2: CONTINUATION frames DoS (CVE-2024-28182) For more details about the security...
6.7AI Score
0.0004EPSS
(RHSA-2024:3543) Moderate: python-idna security and bug fix update
Security Fix(es): python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()...
6.3AI Score
EPSS
K000139877: Linux kernel vulnerabilities CVE-2021-47076 and CVE-2021-47080
Security Advisory Description CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic...
5.6AI Score
0.0004EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
EPSS
RHEL 8 : kernel (RHSA-2024:3528)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...
7.8CVSS
8.2AI Score
0.002EPSS
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3560 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.3CVSS
7.1AI Score
0.002EPSS
RHEL 7 : Red Hat Single Sign-On 7.6.9 security update on RHEL 7 (Low) (RHSA-2024:3566)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3566 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on...
7.5CVSS
6.8AI Score
0.0004EPSS
RHEL 9 : nodejs:18 (RHSA-2024:3544)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3544 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. ...
5.3CVSS
7.6AI Score
0.0004EPSS