Lucene search

K

Event Calendar – Calendar (WordPress Plugin) Security Vulnerabilities

nessus
nessus

AlmaLinux 9 : gvisor-tap-vsock (ALSA-2024:3830)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:3830 advisory. * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) Tenable has extracted the preceding description block directly from the...

5.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : libreoffice (RLSA-2024:3835)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...

8.8CVSS

9.2AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:2950)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2950 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. ...

9.8CVSS

7.8AI Score

EPSS

2024-06-14 12:00 AM
1
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2019-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following...

9.8CVSS

8.4AI Score

0.005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python3.11-urllib3 (RLSA-2024:2986)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:2986 advisory. * python-urllib3: Cookie request header isn't stripped during cross-origin redirects (CVE-2023-43804) Tenable has extracted the preceding description block...

8.1CVSS

8.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...

7AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : 389-ds-base (ALSA-2024:3837)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3837 advisory. * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause...

7.5CVSS

7.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
wpvulndb
wpvulndb

tagDiv Composer < 4.9 - Authenticated (Contributor+) Local File Inclusion via Shortcode

Description The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions,...

8.8CVSS

7.9AI Score

0.001EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Fedora 39 : chromium (2024-86e4115138)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-86e4115138 advisory. update to 126.0.6478.55 * High CVE-2024-5830: Type Confusion in V8 * High CVE-2024-5831: Use after free in Dawn * High CVE-2024-5832: Use...

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : python-Pillow (SUSE-SU-2024:1673-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1673-2 advisory. - Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816) - Use snprintf instead of sprintf (bsc#1188574,....

9.8CVSS

7.9AI Score

0.007EPSS

2024-06-14 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tiff (SUSE-SU-2024:2028-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2028-1 advisory. - CVE-2023-3164: Fixed a heap buffer overflow in tiffcrop. (bsc#1212233) Tenable has extracted the...

5.5CVSS

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Keycloak Installed (Linux)

Keycloak is installed on the remote Linux host. Note that 'Perform thorough tests' is required for this plugin to...

7.3AI Score

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:3254)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3254 advisory. * buildah: full container escape at build time (CVE-2024-1753) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters.....

8.6CVSS

6AI Score

0.002EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2024:3253)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3253 advisory. * libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494) Tenable has extracted the preceding description block directly from the.....

6.2CVSS

9.4AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel-rt (RLSA-2024:3627)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3627 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...

7.8CVSS

9.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : .NET 7.0 (RLSA-2024:2843)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2843 advisory. * dotnet: stack buffer overrun in Double Parse (CVE-2024-30045) * dotnet: denial of service in ASP.NET Core due to deadlock in...

6.3CVSS

6.8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : rpm-ostree (ALSA-2024:3823)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3823 advisory. * rpm-ostree: world-readable /etc/shadow file [9.4.z] (JIRA:AlmaLinux-31852) Tenable has extracted the preceding description block directly from the AlmaLinux...

6.2CVSS

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : glibc (RLSA-2024:3344)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3344 advisory. * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion ...

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : ruby:3.1 (RLSA-2024:3668)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3668 advisory. * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby:...

9AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : exempi (RLSA-2024:3066)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3066 advisory. * exempi: denial of service via opening of crafted audio file with ID3V2 frame (CVE-2020-18651) * exempi: denial of service via opening of crafted webp...

6.5CVSS

7.3AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : LibRaw (RLSA-2024:2994)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2994 advisory. * LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) Tenable has extracted the preceding...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python-pillow (RLSA-2024:3005)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3005 advisory. * python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271) Tenable has...

7.5CVSS

7AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : idm:DL1 (RLSA-2024:3755)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3755 advisory. * CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service * CVE-2024-3183 freeipa:...

8.1CVSS

8.3AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : gdk-pixbuf2 (ALSA-2024:3834)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3834 advisory. * gdk-pixbuf2: heap memory corruption on gdk-pixbuf (CVE-2022-48622) Tenable has extracted the preceding description block directly from the AlmaLinux security...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : nghttp2 (RLSA-2024:3501)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3501 advisory. * nghttp2: CONTINUATION frames DoS (CVE-2024-28182) Tenable has extracted the preceding description block directly from the Rocky Linux security advisory. Note...

5.3CVSS

5.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:3466)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3466 advisory. * python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python39:3.9/python39: python: The zipfile module is...

7.8CVSS

7.3AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : squashfs-tools (RLSA-2024:3139)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3139 advisory. * squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) * squashfs-tools: possible Directory Traversal via...

8.1CVSS

10AI Score

0.009EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : ruby:3.1 (RLSA-2024:3546)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3546 advisory. * ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) * ruby: Buffer overread vulnerability in StringIO (CVE-2024-27280) * ruby:...

8.9AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : glibc (RLSA-2024:3339)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory. * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache...

7.7AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : gstreamer1-plugins-good (RLSA-2024:3089)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3089 advisory. * gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling (CVE-2023-37327) Tenable has extracted the preceding...

7.6CVSS

7.2AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : tomcat (RLSA-2024:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3666 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

AlmaLinux 9 : c-ares (ALSA-2024:3842)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3842 advisory. * c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629) Tenable has extracted the preceding description block directly from the AlmaLinux security...

4.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : pki-core:10.6 and pki-deps:10.6 (RLSA-2024:3061)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3061 advisory. * jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) Tenable has extracted the preceding description block directly from...

7.5CVSS

7.2AI Score

0.002EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : 389-ds-base (RLSA-2024:3837)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3837 advisory. * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause.....

7.5CVSS

7.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : podman (RLSA-2024:3826)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3826 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods....

4.9CVSS

5.9AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : webkit2gtk3 (RLSA-2024:2982)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2982 advisory. * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) * webkitgtk: Processing web content may lead to arbitrary code.....

9.8CVSS

8.7AI Score

0.017EPSS

2024-06-14 12:00 AM
nessus
nessus

Fedora 40 : cyrus-imapd (2024-f3e0255c75)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f3e0255c75 advisory. - Security fix for CVE-2024-34055 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus.....

6.5CVSS

6.9AI Score

0.0005EPSS

2024-06-14 12:00 AM
wpvulndb
wpvulndb

tagDiv Composer < 4.9 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

Description The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'single' module in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.5CVSS

5.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : kernel update (Moderate) (RLSA-2024:3618)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3618 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...

7.8CVSS

9.5AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : tomcat (RLSA-2024:3307)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3307 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...

7.1AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : booth (RLSA-2024:3659)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3659 advisory. * booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049) Tenable has extracted the preceding description block...

7.4CVSS

7.4AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : git-lfs (RLSA-2024:3346)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3346 advisory. * golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) * golang: net/http/cookiejar: incorrect forwarding...

5.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 8 : xorg-x11-server (RLSA-2024:3258)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3258 advisory. * xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) * xorg-x11-server: Heap buffer overread/data leakage in.....

7.8CVSS

8AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

AlmaLinux 9 : ruby (ALSA-2024:3838)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3838 advisory. * ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621) * ruby: ReDoS vulnerability in URI (CVE-2023-28755) * ruby: ReDoS vulnerability in Time...

8.8CVSS

7.8AI Score

EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : buildah (RLSA-2024:3827)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3827 advisory. * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) * jose-go: improper handling of highly compressed data...

4.9CVSS

5.9AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : booth (RLSA-2024:3661)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3661 advisory. * booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server (CVE-2024-3049) Tenable has extracted the preceding description block...

7.4CVSS

7.4AI Score

0.001EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : fence-agents (RLSA-2024:3820)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the Rocky Linux...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
nessus
nessus

Rocky Linux 8 : libXpm (RLSA-2024:2974)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2974 advisory. * libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) * libXpm: out of bounds read on XPM with corrupted colormap...

5.5CVSS

7.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : ipa (RLSA-2024:3754)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3754 advisory. * freeipa: delegation rules allow a proxy service to impersonate any user to access another target service (CVE-2024-2698) * freeipa: user can...

8.1CVSS

8.3AI Score

0.0004EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : nodejs:20 (RLSA-2024:2853)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2853 advisory. * c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629) * nghttp2: CONTINUATION frames DoS (CVE-2024-28182) * nodejs: using the fetch()...

5.3CVSS

7.8AI Score

0.0004EPSS

2024-06-14 12:00 AM
Total number of security vulnerabilities269648