G9 Lite, Honor 5A, Honor 6X, Honor 8 Security Vulnerabilities
CVE-2021-3571 affecting package linuxptp 2.0-8
CVE-2021-3571 affecting package linuxptp 2.0-8. This CVE either no longer is or was never...
7.1AI Score
0.003EPSS
CVE-2023-22609 affecting package binutils 2.37-8
CVE-2023-22609 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2023-22604 affecting package binutils 2.37-8
CVE-2023-22604 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2023-22607 affecting package binutils 2.37-8
CVE-2023-22607 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2019-20633 affecting package patch 2.7.6-8
CVE-2019-20633 affecting package patch 2.7.6-8. No patch is available...
5.8AI Score
0.001EPSS
CVE-2023-22606 affecting package binutils 2.37-8
CVE-2023-22606 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2022-41725 affecting package gcc 11.2.0-8
CVE-2022-41725 affecting package gcc 11.2.0-8. This CVE either no longer is or was never...
9.1AI Score
0.001EPSS
CVE-2022-2990 affecting package buildah 1.18.0-8
CVE-2022-2990 affecting package buildah 1.18.0-8. This CVE either no longer is or was never...
9.4AI Score
0.0005EPSS
CVE-2022-41724 affecting package gcc 11.2.0-8
CVE-2022-41724 affecting package gcc 11.2.0-8. This CVE either no longer is or was never...
9.1AI Score
0.001EPSS
CVE-2023-22605 affecting package binutils 2.37-8
CVE-2023-22605 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2023-22603 affecting package binutils 2.37-8
CVE-2023-22603 affecting package binutils 2.37-8. This CVE either no longer is or was never...
6.7AI Score
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8. A patched version of the package is...
7.8AI Score
0.72EPSS
CVE-2020-25657 affecting package m2crypto 0.35.2-8
CVE-2020-25657 affecting package m2crypto 0.35.2-8. No patch is available...
7.5AI Score
0.002EPSS
CVE-2020-8563 affecting package kubernetes-1.18.14 1.18.14-8
CVE-2020-8563 affecting package kubernetes-1.18.14 1.18.14-8. No patch is available...
7.5AI Score
0.0005EPSS
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8. A patched version of the package is...
8.2AI Score
0.72EPSS
The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_one_id’ parameter in all versions up to, and including, 2.5.51 due to insufficient input sanitization and output escaping. This makes it possible...
5.9AI Score
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3254)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3254 advisory. aardvark-dns buildah [2:1.33.7-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 ...
7.4AI Score
7AI Score
0.004EPSS
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc:...
7.3AI Score
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-3253)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3253 advisory. hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt [8.0.0-23.1.0.1] - Set SOURCE_DATE_EPOCH from changelog...
8AI Score
Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-3259)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3259 advisory. delve golang [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 ...
7.5AI Score
7.5AI Score
7.4AI Score
7.5AI Score
(RHSA-2024:3530) Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086) kernel: net: bridge: data races...
6.8AI Score
0.003EPSS
(RHSA-2024:3529) Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086) kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578) ...
6.7AI Score
0.003EPSS
(RHSA-2024:3528) Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166) kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176) kernel: nf_tables: use-after-free vulnerability...
6.7AI Score
0.003EPSS
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...
7AI Score
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...
8AI Score
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0...
7.1AI Score
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232...
7.2AI Score
AlmaLinux 8 : python39:3.9 and python39-devel:3.9 (ALSA-2024:3466)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3466 advisory. * python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597) * python39:3.9/python39: python: The zipfile module is...
7AI Score
python39:3.9 and python39-devel:3.9 security update
mod_wsgi numpy python39 [3.9.19-1] - Update to 3.9.19 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33676, RHEL-33688 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography...
7.2AI Score
0.0005EPSS
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1870-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...
8.2AI Score
AlmaLinux 8 : ruby:3.0 (ALSA-2024:3500)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3500 advisory. * ruby/cgi-gem: HTTP response splitting in CGI (CVE-2021-33621) * ruby: ReDoS vulnerability in URI (CVE-2023-28755) * ruby: ReDoS vulnerability in Time...
7.7AI Score
ruby [3.0.7-143] - Fix Zlib test failures on s390x due to HW acceleration Related: RHEL-36189 [3.0.7-142] - Upgrade to Ruby 3.0.7. Resolves: RHEL-36189 - Fix HTTP response splitting in CGI. Resolves: RHEL-36193 - Fix ReDoS vulnerability in URI. Resolves: RHEL-36196 - Fix ReDoS...
7.1AI Score
0.003EPSS
In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix selection of wake_cpu in kick_pool() With cpu_possible_mask=0-63 and cpu_online_mask=0-7 the following kernel oops was observed: smp: Bringing up secondary CPUs ... smp: Brought up 1 node, 8 CPUs Unable to handle...
7.1AI Score
7.4AI Score
Oracle Linux 8 : glibc (ELSA-2024-3344)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3344 advisory. [2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history: ...
6.6AI Score
Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the user:register_form tag will have their password confirmation stored in plain text in their user file. This only affects sites matching all of the following conditions: 1. Running....
6.5AI Score
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0...
6.5AI Score
In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix selection of wake_cpu in kick_pool() With cpu_possible_mask=0-63 and cpu_online_mask=0-7 the following kernel oops was observed: smp: Bringing up secondary CPUs ... smp: Brought up 1 node, 8 CPUs Unable to handle...
6.5AI Score
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232...
6.6AI Score
Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks
My wife (no stranger to weird types of scams) recently received a fake text message from someone claiming to be New Jersey's E-ZPass program saying that she had an outstanding balance from highway tolls that she owed, prompting her to visit a site so she could pay and avoid additional fines. There....
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced and cleared the...
6.5AI Score
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced and cleared the...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-race in sk_psock_drop /...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and links) by a crafted GSO packet of VIRTIO_NET_HDR_GSO_UDP layering the following protocols:...
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-race in sk_psock_drop /...
6.5AI Score