K000139446 : Oracle Java vulnerability CVE-2024-21005
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit...
3.1CVSS
5.6AI Score
0.0005EPSS
Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....
7.1AI Score
0.0004EPSS
Amazon Linux 2 : java-17-amazon-corretto (ALAS-2024-2528)
The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.11+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2528 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
3.7CVSS
5.9AI Score
0.001EPSS
RHEL 9 : libreswan (RHSA-2024:2565)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2565 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
6.4AI Score
0.0004EPSS
Moderate: traceroute security update
The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host. Security Fix(es): traceroute: improper command line parsing (CVE-2023-46316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...
5.5CVSS
7AI Score
0.0004EPSS
Important: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
7.5CVSS
7.8AI Score
0.05EPSS
Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2527)
The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.23+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2527 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
3.7CVSS
6AI Score
0.001EPSS
RHEL 8 : libreswan (RHSA-2024:2082)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2082 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
6.4AI Score
0.0004EPSS
RHEL 9 : tigervnc (RHSA-2024:2298)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2298 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the...
7CVSS
6.1AI Score
0.0004EPSS
Important: tigervnc security update
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients....
7.8CVSS
7.3AI Score
0.0005EPSS
(RHSA-2024:2101) Low: Red Hat Satellite Client bug fix and security update
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard...
7.7AI Score
0.001EPSS
If state-sponsored actors are after one thing, it's to spread fear and uncertainty across the internet. There's always money to be made targeting individual businesses and organizations, but for James Nutland's work, it's always about the bigger picture. And his background in studying...
7.2AI Score
(RHSA-2024:2085) Moderate: libreswan security and bug fix update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....
7.5AI Score
0.0004EPSS
(RHSA-2024:2082) Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....
7.5AI Score
0.0004EPSS
(RHSA-2024:2081) Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....
7.5AI Score
0.0004EPSS
(RHSA-2024:2080) Important: tigervnc security update
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients....
7.4AI Score
0.0005EPSS
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-598 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are...
5.8AI Score
0.001EPSS
Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2024-602)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-602 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle...
3.7CVSS
5.7AI Score
0.001EPSS
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-599 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are...
3.7CVSS
5.8AI Score
0.001EPSS
SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2024:1450-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1450-1 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
3.7CVSS
6AI Score
0.001EPSS
SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2024:1452-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1452-1 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
3.7CVSS
6AI Score
0.001EPSS
RHEL 7 : tigervnc (RHSA-2024:2080)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2080 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the...
7.8CVSS
8.3AI Score
0.0005EPSS
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-601 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are...
3.7CVSS
5.8AI Score
0.001EPSS
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-600 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are...
3.7CVSS
5.9AI Score
0.001EPSS
SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openjdk (SUSE-SU-2024:1451-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1451-1 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of ...
3.7CVSS
6AI Score
0.001EPSS
RHEL 6 / 7 / 8 / 9 : Red Hat Satellite Client (RHSA-2024:2101)
The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2101 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...
3.7CVSS
8.2AI Score
0.001EPSS
[SECURITY] [DLA 3797-1] frr security update
Debian LTS Advisory DLA-3797-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost April 28, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u2 CVE ID :...
9.8CVSS
8.9AI Score
0.029EPSS
RHEL 8 : bind and dhcp (RHSA-2024:1782)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1782 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
7.5CVSS
8.1AI Score
0.05EPSS
RHEL 8 : Satellite 6.13.1 Async Security Update (Moderate) (RHSA-2023:3387)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3387 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
5.4CVSS
5.8AI Score
0.001EPSS
RHEL 8 : Red Hat Satellite 6 (RHSA-2024:1061)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1061 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
7.5CVSS
7AI Score
0.001EPSS
RHEL 8 : Satellite 6.13.3 Async Security Update (Important) (RHSA-2023:4466)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4466 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
9.1CVSS
8.3AI Score
0.004EPSS
RHEL 8 : Satellite 6.14.3 Async Security Update (Moderate) (RHSA-2024:1536)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1536 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
7.5CVSS
7.8AI Score
0.052EPSS
RHEL 8 : Satellite 6.12.3 Async Security Update (Important) (RHSA-2023:1630)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1630 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
5.5CVSS
6.3AI Score
0.001EPSS
RHEL 8 : Satellite 6.13.5 Async Security Update (Important) (RHSA-2023:5931)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5931 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
9.8CVSS
8.8AI Score
0.732EPSS
RHEL 8 : Satellite 6.12.5.2 Async Security Update (Important) (RHSA-2023:5979)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5979 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
9.8CVSS
9.1AI Score
0.732EPSS
RHEL 7 / 8 : Satellite 6.11.5 Async Security Update (Critical) (RHSA-2023:1151)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1151 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...
9.8CVSS
8.7AI Score
0.003EPSS
RHEL 8 : Satellite 6.12.1 Async Security Update (Critical) (RHSA-2023:0261)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0261 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
9.8CVSS
9.8AI Score
0.972EPSS
RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
9.8CVSS
8.6AI Score
0.003EPSS
RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...
9.8CVSS
9.2AI Score
0.732EPSS
RHEL 7 / 8 : Satellite 6.11.4 Async Security Update (Important) (RHSA-2022:7242)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7242 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...
8.1CVSS
9.5AI Score
0.003EPSS
RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7851 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...
8.1CVSS
6.9AI Score
EPSS
RHEL 7 : opendaylight (RHSA-2018:2598)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:2598 advisory. OpenDaylight (ODL) is a modular open platform for customizing and automating networks of any size and scale. The OpenDaylight Project arose out of...
5.9CVSS
6.4AI Score
0.011EPSS
K000139423 : OpenJDK vulnerabilities CVE-2024-21002, CVE-2024-21003, and CVE-2024-21004
Security Advisory Description CVE-2024-21002 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to...
3.1CVSS
5.4AI Score
0.0005EPSS
Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. CVE-2023-33850 covers the GSKIT-Crypto (ICC) package used by IBM Runtime Environment, Java Technology Edition. This is separate to the GSKit-SSL package which...
7.5CVSS
6.3AI Score
0.001EPSS
Summary IBM MQ Internet Pass-Thru has addressed a vulnerability in which HTTP requests could cause a denial of service. Vulnerability Details CVEID: CVE-2024-25015 DESCRIPTION: IBM MQ Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would...
7.5CVSS
6.7AI Score
0.0004EPSS
Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Semeru Runtime (CVE-2024-20952)
Summary An issue was identified with IBM Semeru Runtime, Version 17, which is used in IBM MQ Explorer. Vulnerability Details CVEID: CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high confidentiality...
7.4CVSS
6.2AI Score
0.001EPSS
internet-marketing-services.nl Improper Access Control vulnerability OBB-3922306
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
CSAF - Cyber Security Awareness Framework
The Cyber Security Awareness Framework (CSAF) is a structured approach aimed at enhancing Cybersecurity" title="Cybersecurity">cybersecurity awareness and understanding among individuals, organizations, and communities. It provides guidance for the development of effective Cybersecurity"...
7.5AI Score
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a remote code execution vulnerability that does not require authentication. The fixed version is included in Eclipse IDE...
9.8CVSS
7.8AI Score
0.0004EPSS
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a remote code execution vulnerability that does not require authentication. The fixed version is included in Eclipse IDE...
9.8CVSS
9.9AI Score
0.0004EPSS