Lucene search

K

DP300,IPS Module,NGFW Module,NIP6300,NIP6600,NIP6800,RP200,SVN5600,SVN5800,SVN5800-C,Secospace USG6300,Secospace USG6500,Secospace USG6600,TE30,TE40,TE50,TE60,TP3206,USG9500, Security Vulnerabilities

nessus
nessus

Rocky Linux 8 : cockpit (RLSA-2024:3667)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3667 advisory. * cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947) Tenable has extracted the preceding description block directly from...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : idm:DL1 (RLSA-2024:3044)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3044 advisory. * freeipa: specially crafted HTTP requests potentially lead to denial of service (CVE-2024-1481) Tenable has extracted the preceding description block directly...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : ghostscript (RLSA-2024:2966)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2966 advisory. * ghostscript: Divide by zero in eps_print_page in gdevepsn.c (CVE-2020-21710) Tenable has extracted the preceding description block directly from the Rocky...

5.5CVSS

7AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : gvisor-tap-vsock (ALSA-2024:3830)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:3830 advisory. * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) Tenable has extracted the preceding description block directly from the...

5.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:2950)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2950 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. ...

9.8CVSS

7.8AI Score

EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : grafana (RLSA-2024:3265)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3265 advisory. * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) * grafana: vulnerable to authorization bypass...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : libtiff (RLSA-2024:3059)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3059 advisory. * libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645) Tenable has extracted the preceding description block directly from the Rocky Linux...

6.8CVSS

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2024:3259)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3259 advisory. * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) * golang: net/http/cookiejar: incorrect forwarding...

5.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : cockpit (ALSA-2024:3843)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3843 advisory. * cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947) Tenable has extracted the preceding description block directly from the...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : libreoffice (RLSA-2024:3835)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...

8.8CVSS

9.2AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : .NET 8.0 (RLSA-2024:2842)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2842 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : 389-ds-base (ALSA-2024:3837)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3837 advisory. * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause...

7.5CVSS

7.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python3.11-urllib3 (RLSA-2024:2986)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:2986 advisory. * python-urllib3: Cookie request header isn't stripped during cross-origin redirects (CVE-2023-43804) Tenable has extracted the preceding description block...

8.1CVSS

8.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rejetto HTTP File Server 2.x Remote Code Execution

Rejetto HTTP File Server 2.x, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP...

8.4AI Score

2024-06-14 12:00 AM
ubuntucve
ubuntucve

CVE-2024-35326

libyaml v0.2.5 is vulnerable to Buffer Overflow. Affected by this issue is the function yaml_emitter_emit of the file /src/libyaml/src/emitter.c. The manipulation leads to a double-free. Notes Author| Note ---|--- jdstrand | golang-goyaml is a go translation of libyaml and shouldn't share...

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
exploitdb

9.8CVSS

7.4AI Score

0.919EPSS

2024-06-14 12:00 AM
58
nessus
nessus

Fedora 39 : chromium (2024-86e4115138)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-86e4115138 advisory. update to 126.0.6478.55 * High CVE-2024-5830: Type Confusion in V8 * High CVE-2024-5831: Use after free in Dawn * High CVE-2024-5832: Use...

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : python-Pillow (SUSE-SU-2024:1673-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-2 advisory. - Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816) - Use snprintf instead of sprintf (bsc#1188574,....

9.8CVSS

7.9AI Score

0.007EPSS

2024-06-14 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tiff (SUSE-SU-2024:2028-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2028-1 advisory. - CVE-2023-3164: Fixed a heap buffer overflow in tiffcrop. (bsc#1212233) Tenable has extracted the...

5.5CVSS

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Keycloak Installed (Linux)

Keycloak is installed on the remote Linux host. Note that 'Perform thorough tests' is required for this plugin to...

7.3AI Score

2024-06-14 12:00 AM
1
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0217)

The remote host is missing an update for...

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:3254)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3254 advisory. * buildah: full container escape at build time (CVE-2024-1753) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters.....

8.6CVSS

6AI Score

0.002EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2024:3253)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3253 advisory. * libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494) Tenable has extracted the preceding description block directly from the.....

6.2CVSS

9.4AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:3627)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3627 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...

7.8CVSS

9.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : .NET 7.0 (RLSA-2024:2843)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2843 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : rpm-ostree (ALSA-2024:3823)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3823 advisory. * rpm-ostree: world-readable /etc/shadow file [9.4.z] (JIRA:AlmaLinux-31852) Tenable has extracted the preceding description block directly from the AlmaLinux...

6.2CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : glibc (RLSA-2024:3344)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3344 advisory. * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion ...

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : ruby:3.1 (RLSA-2024:3668)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3668 advisory. * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby:...

9AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Fortinet FortiClient (FG-IR-22-299)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-299 advisory. A incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 -...

7.1CVSS

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Fortinet FortiClient (FG-IR-21-167)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-167 advisory. A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version...

4.4CVSS

7.3AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : exempi (RLSA-2024:3066)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3066 advisory. * exempi: denial of service via opening of crafted audio file with ID3V2 frame (CVE-2020-18651) * exempi: denial of service via opening of crafted webp...

6.5CVSS

7.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : LibRaw (RLSA-2024:2994)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2994 advisory. * LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) Tenable has extracted the preceding...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python-pillow (RLSA-2024:3005)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3005 advisory. * python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271) Tenable has...

7.5CVSS

7AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : idm:DL1 (RLSA-2024:3755)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3755 advisory. * CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service * CVE-2024-3183 freeipa:...

8.1CVSS

8.3AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : gdk-pixbuf2 (ALSA-2024:3834)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3834 advisory. * gdk-pixbuf2: heap memory corruption on gdk-pixbuf (CVE-2022-48622) Tenable has extracted the preceding description block directly from the AlmaLinux security...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : nghttp2 (RLSA-2024:3501)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3501 advisory. * nghttp2: CONTINUATION frames DoS (CVE-2024-28182) Tenable has extracted the preceding description block directly from the Rocky Linux security advisory. Note...

5.3CVSS

5.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:3466)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3466 advisory. * python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python39:3.9/python39: python: The zipfile module is...

7.8CVSS

7.3AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : squashfs-tools (RLSA-2024:3139)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3139 advisory. * squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) * squashfs-tools: possible Directory Traversal via...

8.1CVSS

10AI Score

0.009EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : ruby:3.1 (RLSA-2024:3546)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3546 advisory. * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby:...

8.9AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : glibc (RLSA-2024:3339)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory. * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache...

7.7AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : gstreamer1-plugins-good (RLSA-2024:3089)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3089 advisory. * gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling (CVE-2023-37327) Tenable has extracted the preceding...

7.6CVSS

7.2AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Fortinet FortiClient (FG-IR-22-059) (macOS)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-059 advisory. The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for...

7.5CVSS

7AI Score

0.013EPSS

2024-06-14 12:00 AM
nessus
nessus

Fortinet FortiClient (FG-IR-22-235) (macOS)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-235 advisory. An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0,...

3.3CVSS

6.6AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : tomcat (RLSA-2024:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3666 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Cisco Adaptive Security Appliance Software Authorization Bypass (cisco-sa-asaftd-saml-bypass-KkNvXyKW)

A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an...

5CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : c-ares (ALSA-2024:3842)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3842 advisory. * c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629) Tenable has extracted the preceding description block directly from the AlmaLinux security...

4.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

GitLab 16.10.0 < 16.10.6 / 16.11.0 < 16.11.3 (CVE-2024-5469)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests. (CVE-2024-5469) Note that...

3.1CVSS

4AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : pki-core:10.6 and pki-deps:10.6 (RLSA-2024:3061)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3061 advisory. * jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) Tenable has extracted the preceding description block directly from...

7.5CVSS

7.2AI Score

0.002EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : webkit2gtk3 (RLSA-2024:2982)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2982 advisory. * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) * webkitgtk: Processing web content may lead to arbitrary code.....

9.8CVSS

8.7AI Score

0.017EPSS

2024-06-14 12:00 AM
nessus
nessus

OpenTelemetry Collector < 0.102.1 DoS

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue.....

8.2CVSS

8.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
Total number of security vulnerabilities1446144