Lucene search

K

OMGF | Host Google Fonts Locally Security Vulnerabilities

openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2089-1)

The remote host is missing an update for...

6.7AI Score

EPSS

2024-06-20 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6841-1)

The remote host is missing an update for...

5.3CVSS

7.1AI Score

0.001EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2024:2088-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2088-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the preceding description block directly.....

6.7AI Score

EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2024:2089-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2089-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the preceding description block directly.....

6.6AI Score

EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:2094-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2094-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed: - CVE-2023-52628: Fixed...

7.5AI Score

0.0005EPSS

2024-06-20 12:00 AM
1
osv
osv

putty - security update

Bulletin has no...

5.9CVSS

7.2AI Score

0.002EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of inet_sk_diag_fill()....

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Fedora 39 : libvirt (2024-c2e7b82022)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c2e7b82022 advisory. Fix crash in event loop (CVE-2024-4418) Fix I/O stall when multiple threads issue RPC calls Fix leak of GSource object Fix leak of udev...

6.2CVSS

6.8AI Score

0.0004EPSS

2024-06-20 12:00 AM
almalinux
almalinux

Important: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix(es): ghostscript: OPVP device arbitrary code execution via custom Driver library...

7.3AI Score

EPSS

2024-06-20 12:00 AM
2
osv
osv

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): thunderbird: Use-after-free in networking (CVE-2024-5702) thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) thunderbird: External...

8AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SLE 15 SP5) (SUSE-SU-2024:2100-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2100-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

7CVSS

7.5AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

IBM WebSphere Application Server 8.5.x < 8.5.5.26 / 9.x < 9.0.5.21 Identity Spoofing (7158031)

The version of IBM WebSphere Application Server running on the remote host is affected by an identity spoofing vulnerability as referenced in the 7158031 advisory. IBM WebSphere Application Server is vulnerable to identity spoofing by an authenticated user due to improper signature...

8.8CVSS

6.8AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Atlassian Jira 9.5.x < 9.12.8 Information Disclosure

According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 9.4.21, 9.5.x prior to 9.12.8 or 9.13.x prior to 9.16.0. It is, therefore, affected by an information disclosure vulnerability. Note that the scanner has not tested for these issues....

7AI Score

2024-06-20 12:00 AM
3
nessus
nessus

Oracle Linux 8 : ghostscript (ELSA-2024-4000)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4000 advisory. [9.27-13] - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library Tenable has extracted the preceding description block...

7.1AI Score

EPSS

2024-06-20 12:00 AM
2
nessus
nessus

AlmaLinux 8 : ghostscript (ALSA-2024:4000)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4000 advisory. * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871) Tenable has extracted the preceding description block directly from...

7.3AI Score

EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Oracle Linux 9 : ghostscript (ELSA-2024-3999)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3999 advisory. [9.54.0-16] - RHEL-39110 fix regression discovered in OPVP device [9.54.0-15] - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via...

7.2AI Score

EPSS

2024-06-20 12:00 AM
1
nessus
nessus

SUSE SLED15 / SLES15 Security Update : python-Werkzeug (SUSE-SU-2024:1624-2)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1624-2 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain...

7.5CVSS

7.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Debian dsa-5717 : libapache2-mod-php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5717 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5717-1 [email protected] ...

5.3CVSS

5.1AI Score

0.001EPSS

2024-06-20 12:00 AM
3
nessus
nessus

RHEL 8 : Release of openshift-serverless-clients kn 1.33.0 security update & s (Important) (RHSA-2024:4023)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4023 advisory. Red Hat OpenShift Serverless Client kn 1.33.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.33.0. The kn CLI is...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2076-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2076-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-20 12:00 AM
2
nessus
nessus

RHEL 8 : ghostscript (RHSA-2024:4000)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4000 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

7.2AI Score

EPSS

2024-06-20 12:00 AM
2
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0228)

The remote host is missing an update for...

4.7CVSS

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
openvas
openvas

Foxit Reader Multiple Vulnerabilities (June 2024)

Foxit Reader is prone to multiple ...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-36979

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward...

6.8AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Debian dla-3839 : pterm - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3839 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3839-1 [email protected] ...

5.9CVSS

6.4AI Score

0.002EPSS

2024-06-20 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2088-1)

The remote host is missing an update for...

6.7AI Score

EPSS

2024-06-20 12:00 AM
nessus
nessus

RHEL 7 : thunderbird (RHSA-2024:4016)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4016 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES12 Security Update : libarchive (SUSE-SU-2024:2081-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2081-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...

7.3CVSS

7.3AI Score

0.003EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:2099-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2099-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_27 fixes several issues. The following security issues were fixed: - CVE-2023-6931: Fixed...

7.8CVSS

7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 / openSUSE 15 : Feature update for rabbitmq-server313, erlang26, elixir115 (SUSE-SU-SUSE-FU-2024:2078-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2024:2078-1 advisory. rabbitmq-server was implemented with a parallel versioned RPM package at version 3.13.1 (jsc#PED-8414): -...

7.5CVSS

8AI Score

0.001EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Oracle Linux 7 : thunderbird (ELSA-2024-4016)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4016 advisory. [115.12.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.12.1-1] - Update...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Oracle Linux 9 : thunderbird (ELSA-2024-4002)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4002 advisory. [115.12.1-1.0.1] - Add Oracle prefs [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

RHEL 9 : thunderbird (RHSA-2024:4004)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4004 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Atlassian Jira 9.13.x < 9.16.0 Information Disclosure

According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 9.4.21, 9.5.x prior to 9.12.8 or 9.13.x prior to 9.16.0. It is, therefore, affected by an information disclosure vulnerability. Note that the scanner has not tested for these issues....

7AI Score

2024-06-20 12:00 AM
4
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2024:2101-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2101-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

AlmaLinux 9 : thunderbird (ALSA-2024:4002)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4002 advisory. * thunderbird: Use-after-free in networking (CVE-2024-5702) * thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) * thunderbird:...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
2
nessus
nessus

Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting

The WordPress Yoast SEO Plugin installed on the remote host is affected by a stored Cross-Site Scripting (XSS) vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

6.2AI Score

2024-06-20 12:00 AM
3
nessus
nessus

RHEL 8 : thunderbird (RHSA-2024:4001)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

RHEL 9 : thunderbird (RHSA-2024:4015)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4015 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

AlmaLinux 9 : ghostscript (ALSA-2024:3999)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3999 advisory. * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871) Tenable has extracted the preceding description block directly from...

7.3AI Score

EPSS

2024-06-20 12:00 AM
1
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0229)

The remote host is missing an update for...

8.4CVSS

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Atlassian Jira < 9.4.21 Information Disclosure

According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 9.4.21, 9.5.x prior to 9.12.8 or 9.13.x prior to 9.16.0. It is, therefore, affected by an information disclosure vulnerability. Note that the scanner has not tested for these issues....

7AI Score

2024-06-20 12:00 AM
2
ubuntucve
ubuntucve

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev-&gt;priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust against...

7AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspace forces the vCPU out of SMM...

6.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : podman (SUSE-SU-2024:2090-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2090-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
oraclelinux
oraclelinux

ghostscript security update

[9.54.0-16] - RHEL-39110 fix regression discovered in OPVP device [9.54.0-15] - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver...

7.7AI Score

EPSS

2024-06-20 12:00 AM
nessus
nessus

RHEL 8 : thunderbird (RHSA-2024:4018)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4018 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2024:2080-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2080-1 advisory. - CVE-2017-9271: Fixed proxy credentials written to log files (bsc#1050625). The following non-security bugs were fixed: - clean: Do not...

3.3CVSS

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : libarchive (SUSE-SU-2024:2082-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2082-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...

7.3CVSS

7.2AI Score

0.003EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opencc (SUSE-SU-2024:2102-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2102-1 advisory. - CVE-2018-16982: Check offset bounds in BinaryDict::NewFromFile method. (bsc#1108310) Tenable has...

5.5CVSS

7AI Score

0.001EPSS

2024-06-20 12:00 AM
1
Total number of security vulnerabilities663267