CVE-2024-26970 clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.8 AI Score
0.0004 EPSS
CVE-2024-26969 clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.8 AI Score
0.0004 EPSS
CVE-2024-26968 clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.7 AI Score
0.0004 EPSS
CVE-2024-26967 clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.7 AI Score
0.0004 EPSS
CVE-2024-26966 clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.8 AI Score
0.0004 EPSS
CVE-2024-26965 clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.7 AI Score
0.0004 EPSS
CVE-2024-26965 clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.8 AI Score
0.0004 EPSS
CVE-2024-26935 scsi: core: Fix unremoved procfs host directory regression
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a call to...
7.7 AI Score
0.0004 EPSS
CVE-2024-26935 scsi: core: Fix unremoved procfs host directory regression
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a call to...
6.6 AI Score
0.0004 EPSS
(RHSA-2024:2633) Important: updated rhceph-6.1 container image
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This updated container image is based on Red Hat Ceph Storage 6.1 and Red Hat...
9.8 AI Score
0.732 EPSS
(RHSA-2024:2631) Critical: Red Hat Ceph Storage 6.1 security and bug fix update
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. These new packages include numerous enhancements, and bug fixes. Space precludes....
6.6 AI Score
0.002 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.6 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.6 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.6 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.6 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
6.6 AI Score
0.0004 EPSS
RHEL 8 / 9 : Red Hat Ceph Storage 6.1 (RHSA-2024:2631)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2631 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...
9.8 CVSS
6 AI Score
0.002 EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a call to...
7.5 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ.....
7.6 AI Score
0.0004 EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1480-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1480-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic...
7.8 CVSS
8 AI Score
EPSS
In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.4 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.6 AI Score
0.0004 EPSS
In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.4 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger KASAN splat, as seen in the private_mem_conversions_test selftest. When memory...
6.3 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
7.6 AI Score
0.0004 EPSS
Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service due to the use of OpenSSL (CVE-2023-6129). OpenSSL is used in TS7700 to encrypt data in flight during EKM communications, Secure Data Transfer between clusters, and for TS7700 Advanced Object Store for DS8000....
6.5 CVSS
7 AI Score
0.001 EPSS
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Apache Commons Compress and PostgreSQL. Vulnerabilities include causing a denial of service condition, and executing arbitrary SQL functions as the command issuer, as described by the CVEs in the "Vulnerability Details"....
8.1 CVSS
7.7 AI Score
0.001 EPSS
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in OpenSSL and Linux Kernel. A remote or local authenticated attacker could exploit these vulnerabilities to break SSH extension negotiation and downgrading the client connection security, to cause the system to crash, to.....
7.8 CVSS
8.9 AI Score
0.963 EPSS
Security Bulletin: Vulnerability in Linux Kernel could affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by a vulnerability in Linux Kernel. A remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system as described by the CVE in the "Vulnerability Details" section. (CVE-2023-45871)...
7.5 CVSS
7.6 AI Score
0.001 EPSS
Summary A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing HTTP request smuggling and the obtaining of sensitive information. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2023-45648 DESCRIPTION: Apache Tomcat is...
7.5 CVSS
7.4 AI Score
0.01 EPSS
Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0...
7.5 CVSS
5.8 AI Score
0.002 EPSS
Where does your software (really) come from?
Software is a funny, profound thing: each piece of it is an invisible machine, seemingly made of magic words, designed to run on the ultimate, universal machine. It's not alive, but it has a lifecycle. It starts out as source code--just text files, sitting in a repository somewhere--and then later....
6.9 AI Score
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: ...
5 CVSS
6.4 AI Score
0.0004 EPSS
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: ...
5 CVSS
5.1 AI Score
0.0004 EPSS
CVE-2023-38002 IBM Storage Scale session fixation
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: ...
5 CVSS
5.3 AI Score
0.0004 EPSS
CVE-2023-38002 IBM Storage Scale session fixation
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: ...
5 CVSS
6.5 AI Score
0.0004 EPSS
(RHSA-2024:2560) Moderate: libvirt security and bug fix update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: off-by-one error in udevListInterfacesByStatus()...
7.3 AI Score
0.001 EPSS
(RHSA-2024:2236) Moderate: libvirt security update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): libvirt: NULL pointer dereference in...
6.7 AI Score
0.0004 EPSS
Moderate: libvirt security update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): libvirt: NULL pointer dereference in...
5 CVSS
6.7 AI Score
0.0004 EPSS
Pouring Acid Rain By Max Kersten · April 30, 2024 In two recent major geopolitical conflicts, in Ukraine and in Israel, wipers - malware used to destroy access to files and commonly used to halt telecom operations - were used to destroy digital infrastructure. Their ongoing shows that wipers have.....
7.7 AI Score
Moderate: libvirt security and bug fix update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: off-by-one error in udevListInterfacesByStatus()...
6.2 CVSS
6.9 AI Score
0.001 EPSS
K000139446 : Oracle Java vulnerability CVE-2024-21005
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit...
3.1 CVSS
5.6 AI Score
0.0005 EPSS
RHEL 9 : libvirt (RHSA-2024:2236)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2236 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In...
5 CVSS
5.7 AI Score
0.0004 EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-054)
The version of kernel installed on the remote host is prior to 5.10.214-202.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-054 advisory. 2024-05-23: CVE-2024-26898 was added to this advisory. In the Linux kernel, the following vulnerability...
7.8 CVSS
7.8 AI Score
0.0004 EPSS
RHEL 9 : libvirt (RHSA-2024:2560)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2560 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating...
6.2 CVSS
6.9 AI Score
0.001 EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1466-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1466-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8 CVSS
7.5 AI Score
EPSS
Encoded session passwords on session storage for Virtual Fabric platforms.(CVE-2024-29953)
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users' session encoded...
6.6 AI Score
0.0004 EPSS
K000139430 : Linux kernel vulnerability CVE-2024-1086
Security Advisory Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow()...
7.8 CVSS
6.9 AI Score
0.002 EPSS
IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When...
6.7 AI Score
0.0004 EPSS
IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When...
7 AI Score
0.0004 EPSS