RHEL 8 : glibc (RHSA-2024:3312)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3312 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the...
8.1AI Score
RHEL 8 : gdk-pixbuf2 (RHSA-2024:3341)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3341 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits...
7.5AI Score
[1.13.1-8] - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20530 [1.13.1-7] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20388 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close() Tying the msft->data lifetime to hdev by freeing it in hci_release_dev() to fix the following case: [use] msft_do_close() msft = hdev->msft_data; if (!msft) ...(1) &...
6.6AI Score
0.0004EPSS
[8.0p1-24.0.1] - Update upstream references [Orabug: 36587718] [8.0p1-24] - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 [8.0p1-23] - Fix Terrapin attack Resolves: RHEL-19308 [8.0p1-22] - Fix Terrapin attack Resolves: RHEL-19308 - Forbid shell metasymbols...
6.9AI Score
0.004EPSS
[20220126gitbb1bba3d77-13] - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] - edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] - Resolves: RHEL-21158 (CVE-2022-36765 edk2: integer overflow in CreateHob() could lead to HOB OOB R/W [rhel-8])...
7.5AI Score
0.006EPSS
Important: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19....
6.5AI Score
0.0005EPSS
RHEL 8 : bind and dhcp (RHSA-2024:3271)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3271 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
8AI Score
6.9AI Score
0.001EPSS
RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2024:3061)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3061 advisory. The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): *...
6.5AI Score
RHEL 8 : libssh (RHSA-2024:3233)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3233 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): *...
5.8AI Score
The version of Tomcat installed on the remote host is prior to 8.5.65. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.65_security-8 advisory. A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error ...
7.2AI Score
RHEL 8 : grafana (RHSA-2024:3265)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3265 advisory. An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security...
7.5AI Score
RHEL 8 : xorg-x11-server-Xwayland (RHSA-2024:2996)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2996 advisory. Xwayland is an X server for running X clients under Wayland. Security Fix(es): * xorg-x11-server: Out-of-bounds write in...
8.2AI Score
RHEL 8 : varnish:6 (RHSA-2024:3305)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3305 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and...
7.3AI Score
RHEL 8 : Image builder components (RHSA-2024:2961)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2961 advisory. Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security...
6.3AI Score
RHEL 8 : libtiff (RHSA-2024:3059)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3059 advisory. An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...
7.3AI Score
RHEL 8 : perl-Convert-ASN1 (RHSA-2024:3049)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3049 advisory. Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fix(es): * perl-Convert-ASN1: allows remote attackers to cause...
6.4AI Score
RHEL 8 : edk2 (RHSA-2024:3017)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3017 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI...
7.9AI Score
RHEL 8 : python-pillow (RHSA-2024:3005)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3005 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...
6.1AI Score
RHEL 8 : fence-agents (RHSA-2024:2968)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2968 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
6.6AI Score
RHEL 8 : linux-firmware (RHSA-2024:3178)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3178 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...
7AI Score
RHEL 8 : xorg-x11-server (RHSA-2024:3258)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3258 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical...
7.7AI Score
RHEL 8 : poppler (RHSA-2024:2979)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2979 advisory. Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * poppler: NULL pointer...
6.1AI Score
RHEL 8 : python-jinja2 (RHSA-2024:3102)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3102 advisory. The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports...
6AI Score
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:2962)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2962 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module...
6.4AI Score
RHEL 8 : motif (RHSA-2024:3022)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3022 advisory. The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as...
6.6AI Score
The version of Tomcat installed on the remote host is prior to 8.5.38. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.38_security-8 advisory. The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with ...
7.2AI Score
RHEL 8 : tigervnc (RHSA-2024:3067)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3067 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine...
6AI Score
RHEL 8 : webkit2gtk3 (RHSA-2024:2982)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2982 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Processing web...
9.1AI Score
[3.5.12-11] - Drop hardening patches from previous version to keep ABI compatibility [3.5.12-10] - CVE-2023-43786 libX11: stack exhaustion from infinite recursion in PutSubImage() - CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to a heap overflow - CVE-2023-43788 libXpm:...
6.9AI Score
0.0004EPSS
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2953 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * rubygem-rack:...
5.7AI Score
Apache Tomcat 9.0.0.M1 < 9.0.0.M13 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.0.M13. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.0.m13_security-9 advisory. Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x...
7AI Score
python3.11-urllib3 security update
[1.26.12-2] - Security fix for CVE-2023-43804 Resolves:...
6.9AI Score
0.001EPSS
CentOS 8 : .NET 7.0 (CESA-2024:3340)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3340 advisory. .NET and Visual Studio Remote Code Execution Vulnerability (CVE-2024-30045) Visual Studio Denial of Service Vulnerability (CVE-2024-30046) Note...
8.3AI Score
RHEL 8 : tigervnc (RHSA-2024:3261)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3261 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the...
7.7AI Score
ansible-core bug fix, enhancement, and security update
[2.16.3-2] - rebuild with python 3.12 (RHEL-24141) [2.16.3-1] - ansible-core 2.16.3 release (RHEL-23782) - Fix CVE-2024-0690 (possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration) (RHEL-22123) [2.16.2-1] - ansible-core 2.16.2 release (RHEL-19297) [2.16.1-1] - ansible-core...
6.6AI Score
0.0004EPSS
gstreamer1-plugins-base security update
[1.16.1-3.0.1] - Update origin URL [Orabug: 36209826] [1.16.1-3] - CVE-2023-37328 gstreamer1-plugins-base: heap overwrite in subtitle parsing - Resolves:...
6.9AI Score
0.0005EPSS
Important: xorg-x11-server-Xwayland security update
Xwayland is an X server for running X clients under Wayland. Security Fix(es): xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081) xorg-x11-server:...
6.9AI Score
0.0005EPSS
Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
6.7AI Score
0.0004EPSS
[4.0.9-31] - Fix CVE-2022-3599 CVE-2022-4645 - Resolves: RHEL-5399 [4.0.9-30] - Bump specfile to retrigger gating - Add tests folder for standard beakerlib - Related: RHEL-4683 RHEL-4685 RHEL-4686 RHEL-4687...
6.9AI Score
0.0004EPSS
Important: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...
6.8AI Score
0.0005EPSS
Moderate: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fix(es): gdk-pixbuf2: heap memory corruption on gdk-pixbuf (CVE-2022-48622) For more details about the security...
7.1AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Extend a critical section to prevent chan from early freeing. Also make the l2cap_connect() return type void. Nothing is using the returned value but it is ugly to...
6.6AI Score
0.0004EPSS
CentOS 8 : glibc (CESA-2024:3344)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3344 advisory. nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests...
8AI Score
RHEL 8 : glibc (RHSA-2024:3309)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3309 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the...
8.9AI Score
[2.4.5-4] - Fix CVE-2020-18652 - Resolves: RHEL-5416 [2.4.5-3] - Fix CVE-2020-18651 - Resolves:...
7AI Score
0.001EPSS
Important: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19....
6.3AI Score
0.0005EPSS
(RHSA-2024:3299) Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): libxml2: use-after-free in XMLReader (CVE-2024-25062) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...
6.9AI Score
0.0005EPSS
(RHSA-2024:2768) Moderate: Red Hat OpenStack Platform 17.1 (python-paramiko) security update
Paramiko, a combination of the esperanto words for paranoid and friend, is a module for python 2.3 or greater that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require heirarchical...
7.5AI Score
0.962EPSS