Unbreakable Enterprise kernel security update
[5.4.17-2136.318.7.1] - KVM: arm64: Disabling disabled PMU counters wastes a lot of time (Alexandre Chartre) [Orabug: 33312587] - KVM: arm64: Don't zero the cycle count register when PMCR_EL0.P is set (Alexandru Elisei) [Orabug: 33312587] - KVM: arm64: pmu: Only handle supported event counters...
8.8CVSS
7.9AI Score
0.0004EPSS
7.5CVSS
7.1AI Score
0.02EPSS
(RHSA-2023:1468) Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...
7.5AI Score
0.0004EPSS
Amazon Linux 2 : libxml2 (ALAS-2023-1996)
The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1996 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE...
8.3AI Score
0.004EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.317.5.3] - udf: Fix file corruption when appending just after end of preallocated extent (Jan Kara) [Orabug: 35192150] - selftests/ftrace: Fix bash specific '==' operator (Masami Hiramatsu (Google)) [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64()...
7.8CVSS
8.4AI Score
0.001EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.317.5.3] - udf: Fix file corruption when appending just after end of preallocated extent (Jan Kara) [Orabug: 35192150] - selftests/ftrace: Fix bash specific '==' operator (Masami Hiramatsu (Google)) [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64()...
7.8CVSS
8.4AI Score
0.001EPSS
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2023-096)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-096 advisory. valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. (CVE-2022-23308) In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf) and tree.c...
8.3AI Score
0.004EPSS
Amazon Linux 2023 : xmlsec1, xmlsec1-devel, xmlsec1-openssl (ALAS2023-2023-097)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-097 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This...
8.4AI Score
0.004EPSS
CBL Mariner 2.0 Security Update: libxml2 (CVE-2022-40303)
The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-40303 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the ...
8.6AI Score
0.004EPSS
CBL Mariner 2.0 Security Update: rubygem-yajl-ruby (CVE-2022-24795)
The version of rubygem-yajl-ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24795 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the...
8.3AI Score
0.01EPSS
Issue Overview: An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a...
7.8CVSS
8AI Score
0.004EPSS
KB5023788: Servicing stack update for Windows Server 2016: March 14, 2023
Reminder: Windows 10, version 1607 Mobile and Mobile Enterprise editions reached end of service on October 9, 2018. Windows 10, version 1607 for Education, Enterprise, and IoT Enterprise reached end of service on April 9, 2019.....
6.8AI Score
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1510)
The remote host is missing an update for the Huawei...
7.8CVSS
8.5AI Score
0.004EPSS
EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2023-1510)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
Multiple XSS @ answer/question/tag
Description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. # Proof of Concept Posting the Question: func (req *QuestionAdd) Check() (errFields []*validator.FormErrorField,...
5.4CVSS
5.5AI Score
0.001EPSS
Meinberg LANTIME Detection Consolidation
Consolidation of Meinberg LANTIME NTP Timeserver device ...
6.9AI Score
Fedora: Security Advisory for plasma-nano (FEDORA-2023-e31c3e4b6c)
The remote host is missing an update for...
7.5AI Score
1.9AI Score
Fedora 37 : bluedevil / breeze-gtk / flatpak-kcm / grub2-breeze-theme / etc (2023-e31c3e4b6c)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-e31c3e4b6c advisory. Plasma 5.27.1 ---- Add patch to disable global shortcuts at login for the SDDM Plasma Wayland configuration (#2171332) (FEDORA-2023-e31c3e4b6c) ...
0.3AI Score
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...
8.8CVSS
9.6AI Score
0.001EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...
8.8CVSS
9.6AI Score
0.001EPSS
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2023-1393)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1393)
The remote host is missing an update for the Huawei...
7.8CVSS
8.5AI Score
0.004EPSS
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2023-1365)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1365)
The remote host is missing an update for the Huawei...
7.8CVSS
8.5AI Score
0.004EPSS
What is sandfly-entropyscan? sandfly-entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure of randomness) and if they are a Linux/Unix ELF type executable. Some malware for Linux is packed or encrypted and shows very high entropy. This tool can...
-0.4AI Score
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2023-1304)
The remote host is missing an update for the Huawei...
7.5CVSS
7.7AI Score
0.01EPSS
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM...
4.4CVSS
4.4AI Score
0.0004EPSS
EulerOS Virtualization 3.0.2.2 : yajl (EulerOS-SA-2023-1304)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
8.5AI Score
0.01EPSS
Fedora 37 : open62541 (2023-4827db70a8)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4827db70a8 advisory. The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the...
7.2AI Score
0.003EPSS
DC-Sonar - Analyzing AD Domains For Security Risks Related To User Accounts
DC Sonar Community Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It's only for education purposes. Avoid using it on the production Active Directory (AD) domain. Neither contributor incur any...
-0.4AI Score
NVIDIA has released a software update for NVIDIA® Jetson AGX Xavier™ series, Jetson Xavier™ NX, and Jetson AGX Orin series in the NVIDIA JetPack™ software development kit (SDK). The update addresses security issues that may lead to escalation of privileges, compromised data integrity and...
7.8CVSS
2.6AI Score
0.001EPSS
AlmaLinux 9 : libxml2 (ALSA-2023:0338)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0338 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
-0.1AI Score
0.004EPSS
Oracle Linux 9 : libxml2 (ELSA-2023-0338)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0338 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
8.2AI Score
0.004EPSS
RHEL 9 : libxml2 (RHSA-2023:0338)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0338 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
8.2AI Score
0.004EPSS
RHEL 8 : libxml2 (RHSA-2023:0173)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0173 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
8.2AI Score
0.004EPSS
Oracle Linux 8 : libxml2 (ELSA-2023-0173)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0173 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
8.2AI Score
0.004EPSS
AlmaLinux 8 : libxml2 (ALSA-2023:0173)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0173 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
-0.1AI Score
0.004EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2023-1160)
The remote host is missing an update for the Huawei...
7.5CVSS
7.7AI Score
0.01EPSS
Unbreakable Enterprise kernel security update
[5.15.0-6.80.3.1] - Revert 'rds: ib: Enable FC by default' (Hakon Bugge) [Orabug: 34964359] [5.15.0-6.80.3] - net/mlx5: Suppress error logging on UCTX creation (Marina) [Orabug: 34888471] - rds: ib: Fix leaked MRs during kexec (Hakon Bugge) [Orabug: 34892082] - uek-rpm: Add ptp_kvm.ko to core...
8.8CVSS
8.6AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2023-1240)
The remote host is missing an update for the Huawei...
7.5CVSS
7.7AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2023-1181)
The remote host is missing an update for the Huawei...
7.5CVSS
7.7AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2023-1210)
The remote host is missing an update for the Huawei...
7.5CVSS
7.7AI Score
0.01EPSS
Unbreakable Enterprise kernel-container security update
[5.15.0-6.80.3.1] - Revert 'rds: ib: Enable FC by default' (Hakon Bugge) [Orabug: 34964359] [5.15.0-6.80.3] - net/mlx5: Suppress error logging on UCTX creation (Marina) [Orabug: 34888471] - rds: ib: Fix leaked MRs during kexec (Hakon Bugge) [Orabug: 34892082] - uek-rpm: Add ptp_kvm.ko to core...
8.8CVSS
8.6AI Score
0.001EPSS
EulerOS Virtualization 2.9.0 : yajl (EulerOS-SA-2023-1240)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
8.5AI Score
0.01EPSS
EulerOS Virtualization 2.10.1 : yajl (EulerOS-SA-2023-1160)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
8.5AI Score
0.01EPSS
EulerOS Virtualization 2.9.1 : yajl (EulerOS-SA-2023-1210)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
8.5AI Score
0.01EPSS
EulerOS Virtualization 2.10.0 : yajl (EulerOS-SA-2023-1181)
According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an...
8.5AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1106)
The remote host is missing an update for the Huawei...
7.8CVSS
8.5AI Score
0.004EPSS
Unbreakable Enterprise kernel security update
[4.14.35-2047.521.4] - tcp: Tunables for TCP delayed ack (min and max) timers (Venkat Venkatsubra) [Orabug: 34883100] [4.14.35-2047.521.3] - Revert 'random: use expired timer rather than wq for mixing fast pool' (Saeed Mirzamohammadi) [Orabug: 34918228] [4.14.35-2047.521.2] - RDS/IB: Fix the...
7.8CVSS
AI Score
0.0004EPSS