Lucene search

K

Business Directory Plugin | GeoDirectory Security Vulnerabilities

nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:2020-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2020-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the...

7AI Score

EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles...

0.0004EPSS

2024-06-14 12:00 AM
wpvulndb
wpvulndb

YITH WooCommerce Product Add-Ons < 4.9.3 - Unauthenticated Content Injection

Description The YITH WooCommerce Product Add-Ons plugin for WordPress is vulnerable to Content Injection in all versions up to, and including, 4.9.2. This is due to the plugin not properly validating a field that can be updated. This makes it possible for unauthenticated attackers to inject...

5.3CVSS

7.1AI Score

0.0005EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : python-jinja2 (RLSA-2024:3102)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3102 advisory. * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195) Tenable has extracted the preceding description block...

6.1CVSS

6.6AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : gdk-pixbuf2 (RLSA-2024:3341)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3341 advisory. * gdk-pixbuf2: heap memory corruption on gdk-pixbuf (CVE-2022-48622) Tenable has extracted the preceding description block directly from the Rocky Linux security.....

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : bind and dhcp (RLSA-2024:3271)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3271 advisory. * bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) * bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator...

7.5CVSS

9.3AI Score

0.05EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python-dns (RLSA-2024:3275)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3275 advisory. * dnspython: denial of service in stub resolver (CVE-2023-29483) Tenable has extracted the preceding description block directly from the Rocky Linux security...

6.6AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : firefox (RLSA-2024:3783)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3783 advisory. * firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) * firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) *...

7.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : nodejs (RLSA-2024:2910)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2910 advisory. * nodejs: CONTINUATION frames DoS (CVE-2024-27983) * nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of...

5.3CVSS

7.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Rocky Linux 9 : kernel (RLSA-2024:3619)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3619 advisory. * kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735) * kernel: fs: sysfs: Fix reference leak in...

8.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : 389-ds:1.4 (RLSA-2024:3047)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3047 advisory. * 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr) (CVE-2024-1062) Tenable has...

5.5CVSS

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

RHEL 8 / 9 : Red Hat Ceph Storage 7.1 (RHSA-2024:3925)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3925 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

9.8CVSS

7.3AI Score

0.002EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : fence-agents (ALSA-2024:3820)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the AlmaLinux...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : idm:DL1 and idm:client (RLSA-2024:3267)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3267 advisory. * JWCrypto: denail of service Via specifically crafted JWE (CVE-2023-6681) * python-jwcrypto: malicious JWE token can cause denial of service...

6.8CVSS

7AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : .NET 8.0 (RLSA-2024:3345)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3345 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Debian dsa-5710 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5710 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5710-1 [email protected] ...

6.7AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : libssh (RLSA-2024:3233)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3233 advisory. * libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (CVE-2023-6004) * libssh: Missing checks for return...

5.3CVSS

8.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : gvisor-tap-vsock (RLSA-2024:3830)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3830 advisory. * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) Tenable has extracted the preceding description block directly from the...

5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : xorg-x11-server-Xwayland (RLSA-2024:3343)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3343 advisory. * xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) * xorg-x11-server: Heap buffer overread/data leakage in.....

7.8CVSS

8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : libxml2 (RLSA-2024:3626)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3626 advisory. * libxml2: use-after-free in XMLReader (CVE-2024-25062) Tenable has extracted the preceding description block directly from the Rocky Linux security advisory....

7.5CVSS

7.1AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897) * python-cryptography: memory corruption via...

8.1CVSS

7.6AI Score

0.005EPSS

2024-06-14 12:00 AM
nessus
nessus

SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal

SolarWinds Serv-U versions prior to 15.4.2 HF 2 is vulnerable to a directory traversal allowing an unauthenticated attacker to access sensitive files via a specially crafted...

7.2AI Score

2024-06-14 12:00 AM
1
exploitdb

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
36
nessus
nessus

SUSE SLES12 Security Update : php8 (SUSE-SU-2024:2027-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2027-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted the...

5.3CVSS

9.5AI Score

0.001EPSS

2024-06-14 12:00 AM
1
redos
redos

ROS-20240614-01

Vulnerability of UnRAR file unzipping tool is related to incorrect restriction of the path name to the directory with restricted access. Exploitation of the vulnerability could allow a remote attacker, Overwrite arbitrary files using a specially crafted...

7.5CVSS

7.2AI Score

0.927EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : pam (RLSA-2024:3163)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3163 advisory. * pam: allowing unprivileged user to block another user namespace (CVE-2024-22365) Tenable has extracted the preceding description block directly from the Rocky...

5.5CVSS

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : sssd (RLSA-2024:3270)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3270 advisory. * sssd: Race condition during authorization leads to GPO policies functioning inconsistently (CVE-2023-3758) Tenable has extracted the preceding description...

7.1CVSS

9.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : Image builder components bug fix, enhancement and (RLSA-2024:2961)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2961 advisory. * osbuild-composer: race condition may disable GPG verification for package repositories (CVE-2024-2307) Tenable has extracted the preceding description block...

6.1CVSS

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...

7.8CVSS

8.5AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : httpd:2.4 (RLSA-2024:3121)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3121 advisory. * httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122) * mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487)...

7.5CVSS

8.9AI Score

0.732EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel (RLSA-2024:3138)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3138 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): For more details about the security issue(s),...

9.8CVSS

7.7AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : podman (ALSA-2024:3826)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3826 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods....

4.9CVSS

5.9AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : python-idna (ALSA-2024:3846)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:3846 advisory. * python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651) Tenable has extracted the preceding...

7.6AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : containernetworking-plugins (ALSA-2024:3831)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:3831 advisory. * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) Tenable has extracted the preceding description block directly from the...

5.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : thunderbird (RLSA-2024:2888)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2888 advisory. * firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) * firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) *...

7.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : .NET 7.0 (RLSA-2024:3340)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3340 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python3 (RLSA-2024:3347)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3347 advisory. * python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python: The zipfile module is vulnerable to zip-bombs leading to denial of...

7.8CVSS

7.3AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : libreoffice (ALSA-2024:3835)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...

8.8CVSS

9.2AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : ruby:3.3 (RLSA-2024:3670)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3670 advisory. * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby:...

9AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : pcp (RLSA-2024:3264)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3264 advisory. * pcp: exposure of the redis server backend allows remote command execution via pmproxy (CVE-2024-3019) Tenable has extracted the preceding description block...

8.8CVSS

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : python-idna (RLSA-2024:3846)

The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3846 advisory. * python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (CVE-2024-3651) Tenable has extracted the preceding...

7.6AI Score

EPSS

2024-06-14 12:00 AM
packetstorm

7.4AI Score

2024-06-14 12:00 AM
31
nessus
nessus

Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...

7AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Fedora 40 : chromium (2024-5acee8c47f)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5acee8c47f advisory. update to 126.0.6478.55 * High CVE-2024-5830: Type Confusion in V8 * High CVE-2024-5831: Use after free in Dawn * High CVE-2024-5832: Use...

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : cockpit (ALSA-2024:3843)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3843 advisory. * cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947) Tenable has extracted the preceding description block directly from the...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : libtiff (RLSA-2024:3059)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3059 advisory. * libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645) Tenable has extracted the preceding description block directly from the Rocky Linux...

6.8CVSS

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2024:3259)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3259 advisory. * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) * golang: net/http/cookiejar: incorrect forwarding...

5.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : .NET 8.0 (RLSA-2024:2842)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2842 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : grafana (RLSA-2024:3265)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3265 advisory. * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) * grafana: vulnerable to authorization bypass...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : cockpit (RLSA-2024:3667)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3667 advisory. * cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947) Tenable has extracted the preceding description block directly from...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
Total number of security vulnerabilities346396