Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-2962)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2962 advisory. hivex libguestfs [1.44.0-9.0.2] - libguestfs.spec: Add btrfs-progs RPM to appliance [Orabug: 35634755] [1.44.0-9.0.1] - Replace upstream...
7.8AI Score
Oracle Linux 8 : qt5-qtbase (ELSA-2024-3056)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3056 advisory. [5.15.3-7] - Fix CVE-2024-25580: potential buffer overflow when reading KTX images Resolves: RHEL-25725 [5.15.3-6] - Fix incorrect integer...
7.3AI Score
Oracle Linux 8 : 389-ds:1.4 (ELSA-2024-3047)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3047 advisory. [1.4.3.39-3] - Bump version to 1.4.3.39-3 - Resolves: RHEL-19240 - RFE Add PROXY protocol support to 389-ds-base via confiuration item - similar to Postfix ...
7.2AI Score
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-2988)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2988 advisory. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type...
7.1AI Score
Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory. mod_wsgi [4.7.1-7] - Bump release for rebuild Resolves: rhbz#2213595 [4.7.1-6] - Remove rpath Resolves: rhbz#2213837 [4.7.1-5] - Core...
7.2AI Score
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2024-632)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-632 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP...
7AI Score
Oracle Linux 8 : freeglut (ELSA-2024-3120)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3120 advisory. [3.0.0-9] - Fix CVE-2024-24258 and CVE-2024-24259 Resolves: https://issues.redhat.com/browse/RHEL-25175 Resolves:...
7.1AI Score
7.4AI Score
Oracle Linux 8 : xorg-x11-server-Xwayland (ELSA-2024-2996)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2996 advisory. [21.1.3-15] Fix for CVE-2023-6816, CVE-2024-0229, CVE-2024-21885, CVE-2024-21886, CVE-2024-0408, CVE-2024-0409 [21.1.3-14] - Fix for...
7AI Score
The version of MariaDB installed on the remote host is prior to 11.4.2. It is, therefore, affected by a vulnerability as referenced in the mariadb-1142-release-notes advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are...
5.7AI Score
Oracle Linux 8 : webkit2gtk3 (ELSA-2024-2982)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2982 advisory. [2.42.5-1] - Update to 2.42.5 Resolves: RHEL-3961 [2.42.4-1] - Update to 2.42.4 Resolves: RHEL-3961 Resolves: RHEL-19365 [2.42.3-1]...
7.5AI Score
Oracle Linux 8 : Image / builder / components (ELSA-2024-2961)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2961 advisory. osbuild [110-1] - New upstream release [109-1] - New upstream release [106-1] - New upstream release [105-1] - New upstream release [104-2] - Fix unit...
6.7AI Score
Oracle Linux 8 : idm:DL1 (ELSA-2024-3044)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3044 advisory. bind-dyndb-ldap [11.6-4] - Modify empty zone conflicts under exclusive mode Resolves: rhbz#2126877 [11.6-3] - Rebuild against bind 9.11.36 - Resolves:...
7.8AI Score
Oracle Linux 8 : python27:2.7 (ELSA-2024-2987)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2987 advisory. babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves:...
7.2AI Score
Oracle Linux 8 : frr (ELSA-2024-2981)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2981 advisory. [7.5.1-22.0.1] - Fix POSTIN scriptlet [Orabug: 34712485] - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgp_flowspec.c - Resolves: RHEL-15919 - Out.....
7.5AI Score
Oracle Linux 8 : zziplib (ELSA-2024-3127)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3127 advisory. [0.13.68-13] - Fix CVE-2020-18770 Previous patch contained segfault bug Resolves: RHEL-14966 [0.13.68-12] - Add the gating tests from the 8.8.0...
6.8AI Score
Oracle Linux 8 : linux-firmware (ELSA-2024-3178)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3178 advisory. [20240415-999.32.git5da74b16.el8] - Rebase to latest upstream [Orabug: 36482906] Tenable has extracted the preceding description block directly from...
6.9AI Score
Oracle Linux 8 : libsndfile (ELSA-2024-3030)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3030 advisory. [1.0.28-14] - fix integer overflows causing CVE-2022-33065 (#RHEL-3750) Tenable has extracted the preceding description block directly from the Oracle Linux...
6.7AI Score
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
7.1AI Score
libigl readOFF stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities May 28, 2024 CVE Number CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp...
8.5AI Score
Oracle Linux 8 : libXpm (ELSA-2024-2974)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2974 advisory. [3.5.12-11] - Drop hardening patches from previous version to keep ABI compatibility [3.5.12-10] - CVE-2023-43786 libX11: stack exhaustion from...
7.2AI Score
Oracle Linux 8 : pmix (ELSA-2024-3008)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3008 advisory. [2.2.5-3] - Add gating test - Resolves: RHEL-3692 [2.2.5-2] - Fix CVE-2023-41915 - Resolves: RHEL-3692 Tenable has extracted the preceding description block...
6.7AI Score
7.4AI Score
Oracle Linux 8 : xorg-x11-server (ELSA-2024-2995)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2995 advisory. [1.20.4-24] - Fix use after free related to CVE-2024-21886 [1.20.11-21] - CVE fix for: CVE-2023-6816, CVE-2024-0229, CVE-2024-21885,...
7.1AI Score
Oracle Linux 8 : gstreamer1-plugins-good (ELSA-2024-3089)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3089 advisory. [1.16.1-4] - CVE-2023-37327: integer overflow leading to heap overwrite in FLAC image tag handling - Resolves: RHEL-19469 Tenable has extracted the...
7AI Score
Oracle Linux 8 : pki-core:10.6 / and / pki-deps:10.6 (ELSA-2024-3061)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3061 advisory. apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent [49-1] - Rebase to upstream version 49 ...
7.2AI Score
Oracle Linux 8 : poppler (ELSA-2024-2979)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2979 advisory. [21.01.0-11] - Fix crashes in FoFiType1C - Rebuild for inclusion of poppler-glib-doc in CRB - Resolves: RHEL-4255, RHEL-4273 [21.01.0-10] - Check XRef's Catalog.....
7.3AI Score
RHEL 9 : rpm-ostree (RHSA-2024:3401)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3401 advisory. The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be...
7.2AI Score
Oracle Linux 8 : fence-agents (ELSA-2024-2968)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2968 advisory. [4.2.1-129] - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 -...
7AI Score
Oracle Linux 8 : tigervnc (ELSA-2024-3067)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3067 advisory. [1.13.1-8] - Fix copy/paste error in the DeviceStateNotify Resolves: RHEL-20530 [1.13.1-7] - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer...
7.3AI Score
Oracle Linux 8 : python-jinja2 (ELSA-2024-3102)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3102 advisory. [2.10.1-4] - Security fix for CVE-2024-22195 Resolves: RHEL-21347 [2.10.1-3] - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves:...
6.8AI Score
SUSE SLES15 Security Update : apache2 (SUSE-SU-2024:1788-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1788-1 advisory. - CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code (bsc#1222330). - CVE-2024-24795: Fixed...
7.5AI Score
Oracle Linux 8 : python3.11 (ELSA-2024-3062)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3062 advisory. [3.11.7-1.0.1] - Update rpm-macros description [Orabug: 36024572] [3.11.7-1] - Rebase to 3.11.7 Resolves: RHEL-21915 [3.11.5-2] - Security fix for...
6.6AI Score
Oracle Linux 8 : gmp (ELSA-2024-3214)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3214 advisory. [1:6.1.2-11] - Fix: CVE-2021-43618 Resolves: RHEL-23055 Tenable has extracted the preceding description block directly from the Oracle Linux security...
6.9AI Score
7.4AI Score
0.0004EPSS
Oracle Linux 8 : edk2 (ELSA-2024-3017)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3017 advisory. [20220126gitbb1bba3d77-13] - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] -...
6AI Score
Oracle Linux 8 : perl-CPAN (ELSA-2024-3094)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3094 advisory. [2.18-399] - Fix tests to run in correct order [2.18-398] - Fix CVE-2023-31484 - Package tests [2.18-397] - Rebuilt for...
7AI Score
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2024-631)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-631 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP...
7AI Score
Oracle Linux 8 : python-pillow (ELSA-2024-3005)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3005 advisory. [5.1.1-20] - Security fix for CVE-2023-50447 Resolves: RHEL-22240 [5.1.1-19] - Security fix for CVE-2023-44271 Resolves: RHEL-15460 Tenable has...
6.6AI Score
Oracle Linux 8 : squashfs-tools (ELSA-2024-3139)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3139 advisory. [4.3-21] - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix CVE-2021-40153 squashfs-tools: unvalidated...
7.3AI Score
Oracle Linux 8 : python3.11-cryptography (ELSA-2024-3105)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3105 advisory. [37.0.2-6] - Security fix for CVE-2023-49083 - Resolves: RHEL-19831 Tenable has extracted the preceding description block directly from the Oracle Linux...
6.4AI Score
Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2024-3060)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3060 advisory. [1.16.1-4.0.1] - Update origin URL [Orabug: 36209826] [1.16.1-4] - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow -...
7.1AI Score
Oracle Linux 8 : perl-Convert-ASN1 (ELSA-2024-3049)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3049 advisory. [0.27-18] - Fix unsafe decoding in indef case (CVE-2013-7488) Tenable has extracted the preceding description block directly from the Oracle Linux security...
6.8AI Score
Oracle Linux 8 : vorbis-tools (ELSA-2024-3095)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3095 advisory. [1:1.4.0-29] - fix out-of-bounds read in oggenc (CVE-2023-43361) Tenable has extracted the preceding description block directly from the Oracle Linux security...
6.7AI Score
Oracle Linux 8 : exempi (ELSA-2024-3066)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3066 advisory. [2.4.5-4] - Fix CVE-2020-18652 - Resolves: RHEL-5416 [2.4.5-3] - Fix CVE-2020-18651 - Resolves: RHEL-5415 Tenable has extracted the preceding...
7.1AI Score
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...
6.3AI Score
8.6AI Score
0.001EPSS
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
7.5AI Score
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
5.9CVSS
8.1AI Score
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...
7.5AI Score