DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030 Security Vulnerabilities

nessus

RHEL 8 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py (CVE-2018-19787) Note that Nessus has not tested...

6.1CVSS

6.5AI Score

0.004EPSS

2024-06-03 12:00 AM
nessus

RHEL 4 : systemtap (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. systemtap: signed module loading race condition (CVE-2011-2503) Note that Nessus has not tested for this issue but...

7.3AI Score

0.0004EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : orca (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. orca: Arbitrary code execution due to insecure CWD Python module load (CVE-2013-4245) Note that Nessus has not...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-03 12:00 AM
redos

ROS-20240603-04

A vulnerability in the mod_proxy module of the Apache HTTP Server is related to a failure to process CRLF sequences in HTTP headers. Exploitation of the vulnerability could allow a remote attacker to perform HTTP response splitting attacks....

9CVSS

6.6AI Score

0.023EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : perl-email-address (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-Email-Address: denial of service when parsing crafted email address list (CVE-2015-7686) ...

7.5CVSS

8.2AI Score

0.039EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pam: path traversal issue in pam_timestamp's format_timestamp_name() (CVE-2014-2583) The pam_userdb...

6.9AI Score

0.003EPSS

2024-06-03 12:00 AM
nessus

RHEL 3 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pam: pam_env and pam_mail accessing users' file with root privileges (CVE-2010-3435) The run_coprocess...

6.8AI Score

0.0004EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code ...

9.8CVSS

7.6AI Score

0.032EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py (CVE-2018-19787) Incomplete blacklist...

6.1CVSS

6.6AI Score

0.013EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : firebird (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. firebird: Firebird fbudf Module Authenticated Remote Code Execution (CVE-2017-11509) Note that Nessus has not tested...

8.8CVSS

9AI Score

0.009EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py (CVE-2018-19787) Incomplete blacklist...

6.1CVSS

6.6AI Score

0.013EPSS

2024-06-03 12:00 AM
nessus

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs: integrity checks according to policies can be circumvented (CVE-2023-38552) Versions of the...

7.5CVSS

7.8AI Score

EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : busybox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. busybox: heap-based buffer overflow in OPTION_6RD parsing (CVE-2016-2148) Directory traversal...

9.8CVSS

8.3AI Score

0.088EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : nodejs : (RHSA-2024:3553)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3553 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security...

8.2CVSS

8.4AI Score

0.0004EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : busybox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. busybox: heap-based buffer overflow in OPTION_6RD parsing (CVE-2016-2148) Directory traversal...

9.8CVSS

7.2AI Score

0.088EPSS

2024-06-03 12:00 AM
nessus

RHEL 4 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pam: pam_env and pam_mail accessing users' file with root privileges (CVE-2010-3435) pam: pam_xauth:...

6.9AI Score

0.0004EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : ruby:3.1 (RHSA-2024:3546)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3546 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.5AI Score

EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : perl-dbd-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-DBD-MySQL: Use-after-free when calling mysql_stmt_error() after mysql_stmt_close() (CVE-2017-10788) ...

9.8CVSS

7.6AI Score

0.019EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : 8.3_libtpms (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libtpms: out-of-bounds access when trying to resume the state of the vTPM (CVE-2021-3623) A flaw was...

6.1CVSS

7AI Score

0.001EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : perl-module-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-Module-Signature: unsigned files interpreted as signed in some circumstances (CVE-2015-3406) ...

7.5CVSS

8.2AI Score

0.016EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : ghostscript (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ghostscript: use-after-free in xps_finish_image_path() in devices/vector/gdevxps.c could result in a ...

7.8CVSS

7.6AI Score

0.014EPSS

2024-06-03 12:00 AM
oraclelinux

ruby:3.1 security, bug fix, and enhancement update

ruby [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35750 - Fix arbitrary memory address read vulnerability with Regex search. Resolves:...

6.5AI Score

EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code ...

9.8CVSS

8.1AI Score

0.032EPSS

2024-06-03 12:00 AM
nessus

RHEL 4 : busybox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. busybox: Path traversal via crafted tar file containing symlink (CVE-2011-5325) The add_probe function...

7.5CVSS

9.3AI Score

0.013EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: Integer overflow in...

9.8CVSS

8.4AI Score

0.09EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs: Uninitialized buffer due to incorrect encoding (CVE-2017-15897) nodejs: integrity checks according...

7.5CVSS

7.9AI Score

EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : subversion (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. subversion: (mod_dav_svn) integer overflow when parsing skel-encoded request bodies (CVE-2015-5343) The...

7.6CVSS

7.6AI Score

0.943EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : freeradius2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. freeradius: stack-based buffer overflow flaw in rlm_pap module (CVE-2014-2015) Note that Nessus has not tested for...

7AI Score

0.008EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : perl-dbi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-dbi: Buffer overflow on an overlong DBD class name (CVE-2020-14393) An issue was discovered in the...

7.1CVSS

7.8AI Score

0.002EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : git (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. git: Recursive submodule cloning allows using git directory twice with synonymous directory name...

8.8CVSS

8.1AI Score

0.077EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : flash-plugin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. flash-plugin: arbitrary code execution via unspecified vulnerability (CVE-2011-4694) Unspecified...

9.2AI Score

0.036EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : perl-dbd-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-DBD-MySQL: Use-after-free when calling mysql_stmt_error() after mysql_stmt_close() (CVE-2017-10788) ...

9.8CVSS

7.5AI Score

0.019EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pam: DoS/user enumeration due to blocking pipe in pam_unix module (CVE-2015-3238) The pam_userdb module...

6.5CVSS

7.4AI Score

0.006EPSS

2024-06-03 12:00 AM
nessus

RHEL 5 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: heap buffer overflow in pp_pack.c (CVE-2018-6913) _is_safe in the File::Temp module for Perl does...

7.8CVSS

8.7AI Score

0.57EPSS

2024-06-03 12:00 AM
nessus

RHEL 7 : ansible (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Ansible: Compromised remote hosts can lead to running commands on the Ansible controller (CVE-2016-9587) ...

8.1CVSS

7.8AI Score

0.014EPSS

2024-06-03 12:00 AM
nessus

RHEL 6 : orca (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. orca: Arbitrary code execution due to insecure CWD Python module load (CVE-2013-4245) Note that Nessus has not...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-03 12:00 AM
nessus

RHEL 8 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: tarfile module directory traversal (CVE-2007-4559) python: XML External Entity in XML processing...

9.8CVSS

8.1AI Score

0.025EPSS

2024-06-03 12:00 AM
osv

Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`

Impact Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even when they have not been granted permission over the model....

5.5CVSS

6.3AI Score

0.0004EPSS

2024-06-02 10:28 PM
github

Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`

Impact Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even when they have not been granted permission over the model....

5.5CVSS

6.3AI Score

0.0004EPSS

2024-06-02 10:28 PM
githubexploit

8.6CVSS

6.2AI Score

0.945EPSS

2024-06-02 08:16 PM
redhatcve

CVE-2024-36886

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0...

7.1AI Score

0.0004EPSS

2024-06-02 02:31 PM
githubexploit

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Disclaimer: This tool is...

10CVSS

10AI Score

0.001EPSS

2024-06-02 10:49 AM
githubexploit

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Disclaimer: This tool is...

10CVSS

10AI Score

0.001EPSS

2024-06-02 10:49 AM
zdt

Flowmon Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before...

10CVSS

7AI Score

0.003EPSS

2024-06-02 12:00 AM
zdt

Progress Flowmon 12.3.5 Local sudo Privilege Escalation Exploit

This Metasploit module abuses a feature of the sudo command on Progress Flowmon. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. This includes executing a PHP command with a specific file name. If the file is overwritten with PHP....

10CVSS

6.7AI Score

0.003EPSS

2024-06-02 12:00 AM
zdt

7.4AI Score

2024-06-02 12:00 AM
githubexploit

8.6CVSS

6.3AI Score

0.945EPSS

2024-06-01 02:20 AM
nessus

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3254)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3254 advisory. aardvark-dns buildah [2:1.33.7-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 ...

8.6CVSS

6.9AI Score

0.002EPSS

2024-06-01 12:00 AM
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-requests (SUSE-SU-2024:1880-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1880-1 advisory. - CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify (bsc#1224788). ...

5.6CVSS

5.5AI Score

0.0004EPSS

2024-06-01 12:00 AM
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:1874-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1874-1 advisory. This update for Java fixes the following issues: apiguardian was updated to version 1.1.2: - Added...

7.5CVSS

8.2AI Score

0.005EPSS

2024-06-01 12:00 AM
Total number of security vulnerabilities: 116390