(RHSA-2024:3066) Moderate: exempi security update
Exempi provides a library for easy parsing of XMP metadata. Security Fix(es): exempi: denial of service via opening of crafted audio file with ID3V2 frame (CVE-2020-18651) exempi: denial of service via opening of crafted webp file (CVE-2020-18652) For more details about the security...
7.2AI Score
0.001EPSS
(RHSA-2024:3060) Moderate: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...
7.3AI Score
0.0005EPSS
(RHSA-2024:3059) Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c (CVE-2022-4645) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,...
6.9AI Score
0.0004EPSS
(RHSA-2024:3030) Moderate: libsndfile security update
libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS (CVE-2022-33065) For more details about the security issue(s), including the impact, a CVSS score,...
7.3AI Score
0.001EPSS
(RHSA-2024:3022) Moderate: motif security update
The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fix(es): libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) libXpm: out of bounds read on...
6.9AI Score
0.0004EPSS
(RHSA-2024:3005) Moderate: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...
6.9AI Score
0.001EPSS
(RHSA-2024:2994) Moderate: LibRaw security update
LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) For more details about the security issue(s),...
7.5AI Score
0.001EPSS
(RHSA-2024:2982) Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852) webkitgtk:...
8AI Score
0.017EPSS
(RHSA-2024:2986) Moderate: python3.11-urllib3 security update
The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fix(es): python-urllib3: Cookie request header isn't stripped during cross-origin redirects (CVE-2023-43804) For more details about the security issue(s), including the impact, a...
6.9AI Score
0.001EPSS
(RHSA-2024:2979) Moderate: poppler security update
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): poppler: NULL pointer dereference in FoFiType1C::convertToType1 (CVE-2020-36024) For more details about the security issue(s), including the impact, a CVSS score,...
6.9AI Score
0.001EPSS
(RHSA-2024:2974) Moderate: libXpm security update
X.Org X11 libXpm runtime library. Security Fix(es): libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) libXpm: out of bounds read on XPM with corrupted colormap (CVE-2023-43789) For more details about the security issue(s), including the impact, a CVSS score,...
6.9AI Score
0.0004EPSS
(RHSA-2024:2973) Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fix(es): libX11: out-of-bounds memory access in _XkbReadKeySyms() (CVE-2023-43785) libX11: stack exhaustion from infinite recursion in PutSubImage() (CVE-2023-43786) libX11: integer overflow in XCreateImage() leading...
7.3AI Score
0.0004EPSS
CVE-2021-47460 ocfs2: fix data corruption after conversion from inline format
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal...
7.4AI Score
0.0004EPSS
CVE-2021-47450 KVM: arm64: Fix host stage-2 PGD refcount
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is currently managed by EL2 as....
7AI Score
0.0004EPSS
CVE-2021-47433 btrfs: fix abort logic in btrfs_replace_file_extents
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfs_replace_file_extents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to...
7.5AI Score
0.0004EPSS
Deserialization Of Untrusted Data
joblib is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe handling of pickle files in the read_array() function within numpy_pickle.py where pickle.load is enabled by default. This allows an attacker to execute arbitrary code by loading a maliciously crafted...
7.6AI Score
Updated gdk-pixbuf2.0 packages fix security vulnerability
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of...
7.9AI Score
0.001EPSS
Updated stb packages fix security vulnerabilities
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in start_decoder. The root cause is a potential integer overflow in sizeof(char*) * (f->comment_list_length) which may make setup_malloc allocat...
8.1AI Score
0.001EPSS
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the lang parameter in all versions up to, and including, 3.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
6.1CVSS
6.8AI Score
0.0005EPSS
The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode(s) in all versions up to, and including, 3.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible.....
8.8CVSS
7.8AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the UpLoadServlet class. The issue results from the lack of proper.....
7.8AI Score
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:1711-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1711-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.3AI Score
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 43 for SLE 15 SP2) (SUSE-SU-2024:1713-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1713-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header...
6.9AI Score
SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP4) (SUSE-SU-2024:1740-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1740-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.3AI Score
Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
7.1AI Score
CentOS 8 : squashfs-tools (CESA-2024:3139)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:3139 advisory. squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the...
7.2AI Score
CentOS 8 : gstreamer1-plugins-base (CESA-2024:3088)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3088 advisory. GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...
7.2AI Score
SUSE SLES15 Security Update : kernel (Live Patch 42 for SLE 15 SP3) (SUSE-SU-2024:1708-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1708-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.2AI Score
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2024:1712-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1712-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header...
7.1AI Score
A vulnerability in the Hotspot component of Java SE software platforms, Oracle GraalVM Enterprise Virtual Machine Edition is related to insufficient input data validation. Exploitation of the vulnerability could allow A remote attacker to create, delete, or modify access to data Vulnerability in...
6.8AI Score
0.002EPSS
CentOS 8 : qt5-qtbase (CESA-2024:3056)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3056 advisory. An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before...
7.6AI Score
SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SLE 15 SP5) (SUSE-SU-2024:1723-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1723-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.1AI Score
Fortinet FortiWeb - Arbitrary file read through command line pipe (FG-IR-21-218)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-218 advisory. An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line...
7.1AI Score
7.4AI Score
VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workstation. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists...
7.1CVSS
6.9AI Score
CentOS 8 : fence-agents (CESA-2024:2968)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2968 advisory. urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response...
6.6AI Score
SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP3) (SUSE-SU-2024:1707-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1707-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.1AI Score
(Pwn2Own) Microsoft Windows CLFS Integer Underflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Common Log File....
7.5CVSS
7AI Score
SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:1726-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1726-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.5AI Score
CentOS 8 : pmix (CESA-2024:3008)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3008 advisory. OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library...
7.2AI Score
CentOS 8 : poppler (CESA-2024:2979)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:2979 advisory. An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to...
6.4AI Score
SUSE SLES15 Security Update : kernel (Live Patch 38 for SLE 15 SP3) (SUSE-SU-2024:1706-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1706-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.3AI Score
7.5AI Score
0.001EPSS
LAquis SCADA LGX Report TextFile Open Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of.....
7.8CVSS
7.8AI Score
SUSE SLES15 Security Update : kernel (Live Patch 38 for SLE 15 SP2) (SUSE-SU-2024:1729-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1729-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...
7.1AI Score
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing....
7.2AI Score
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the WithSecure plugin hosting service......
7.3CVSS
7.1AI Score
RHEL 8 : Red Hat OpenStack Platform 17.1 (python-urllib3) (RHSA-2024:2734)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2734 advisory. Python HTTP module with connection pooling and file POST abilities. Security Fix(es): * Request body not stripped after redirect from 303 status...
6.5AI Score
CentOS 8 : gmp (CESA-2024:3214)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3214 advisory. GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading...
6.9AI Score
LAquis SCADA LGX Report Table Save Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of.....
7.8CVSS
6.9AI Score