mariadb, mariadb-10.6 vulnerability
A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.6.18 in Ubuntu 22.04 LTS and to 10.11.8 in Ubuntu 23.10 and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes,...
4.9CVSS
6.7AI Score
0.0005EPSS
Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST...
9.8CVSS
7.8AI Score
0.937EPSS
An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DoS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...
6.5CVSS
6.9AI Score
0.0004EPSS
org.keycloak, keycloak-core is vulnerable to Credential Leakage. The vulnerability is due to a lack of proper validation and enforcement when administrators change the LDAP Connection URL without requiring re-entry of the currently configured LDAP bind credentials. The vulnerability allows an...
2.7CVSS
6.5AI Score
0.0004EPSS
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,.....
7.5AI Score
0.0004EPSS
8.8AI Score
0.0004EPSS
Heap-buffer-overflow in spvtools::disassemble::InstructionDisassembler::EmitInstruction
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69549 Crash type: Heap-buffer-overflow READ 1 Crash state: spvtools::disassemble::InstructionDisassembler::EmitInstruction spvtools::DisassembleInstruction...
7.2AI Score
openSUSE: Security Advisory for ghostscript (SUSE-SU-2024:1590-2)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2024:2061-1)
The remote host is missing an update for...
6.9AI Score
0.0004EPSS
openSUSE: Security Advisory for less (SUSE-SU-2024:2060-1)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
In the module "Bulk Export products to Google Merchant-Google Shopping" (bagoogleshopping) up to version 1.0.26 from Buy Addons for PrestaShop, a guest can perform SQL injection...
0.0004EPSS
SUSE SLES15 Security Update : podman (SUSE-SU-2024:2050-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2050-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...
8.3CVSS
8AI Score
0.0004EPSS
9CVSS
9.2AI Score
0.001EPSS
AlmaLinux 8 : flatpak (ALSA-2024:3961)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3961 advisory. * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) Tenable has extracted the preceding description block directly from the AlmaLinux security...
8.4CVSS
8.5AI Score
0.0004EPSS
openSUSE: Security Advisory for gdcm (openSUSE-SU-2024:0167-1)
The remote host is missing an update for...
8.1CVSS
7.1AI Score
0.001EPSS
Debian dla-3836 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3836 advisory. Debian LTS Advisory DLA-3836-1 ...
7.2AI Score
0.0004EPSS
Nextcloud Server is prone to an improper access control ...
8.1CVSS
7AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : PHP vulnerability (USN-6841-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6841-1 advisory. It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as...
5.3CVSS
5.7AI Score
0.001EPSS
Foxit Reader Privilege Escalation Vulnerability (June 2024)
Foxit Reader is prone to a privilege escalation...
8.2CVSS
8.4AI Score
0.0004EPSS
Debian dla-3837 : libndp-dbg - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3837 advisory. Debian LTS Advisory DLA-3837-1 ...
7.4CVSS
7AI Score
0.0004EPSS
7.8CVSS
8AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6840-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6840-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
8AI Score
0.0004EPSS
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : MariaDB vulnerability (USN-6839-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6839-1 advisory. A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been...
4.9CVSS
7AI Score
0.0005EPSS
SUSE SLES15 Security Update : booth (SUSE-SU-2024:2062-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2062-1 advisory. - CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server. (bsc#1226032) ...
5.9CVSS
5.7AI Score
0.001EPSS
AlmaLinux 8 : container-tools:rhel8 bug fix and enhancement update (Medium) (ALSA-2024:3968)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3968 advisory. * podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) * buildah: jose-go: improper handling of highly compressed data...
4.9CVSS
5.9AI Score
0.0005EPSS
RHEL 6 : vertx-core (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300) Note that...
5.4CVSS
6.9AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2024:2059-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2059-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the...
6.6AI Score
EPSS
SUSE SLED15 / SLES15 Security Update : python-Werkzeug (SUSE-SU-2024:1591-2)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1591-2 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain...
7.5CVSS
7.8AI Score
0.0004EPSS
5.6CVSS
5.7AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:2066-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2066-1 advisory. Security issues fixed: - CVE-2024-4603: Check DSA parameters for excessive sizes before...
6.9AI Score
EPSS
8.8CVSS
6.7AI Score
0.0004EPSS
CentOS 7 : bind, bind-dyndb-ldap, and dhcp (RHSA-2024:3741)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3741 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS...
7.5CVSS
8AI Score
0.05EPSS
openSUSE: Security Advisory for webkit2gtk3 (SUSE-SU-2024:2065-1)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
CentOS 7 : ipa (RHSA-2024:3760)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3760 advisory. A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client's session key. This key is different for each new...
8.1CVSS
6.8AI Score
0.0004EPSS
AlmaLinux 8 : firefox (ALSA-2024:3954)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:3954 advisory. * firefox: Use-after-free in networking (CVE-2024-5702) * firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688) * firefox: External...
7.6AI Score
0.0004EPSS
Fedora: Security Advisory for kitty (FEDORA-2024-15039ba9f9)
The remote host is missing an update for...
5.5CVSS
5.5AI Score
0.0004EPSS
openSUSE: Security Advisory for mariadb (SUSE-SU-2024:2032-1)
The remote host is missing an update for...
4.9CVSS
7.4AI Score
0.0005EPSS
openSUSE: Security Advisory for php8 (SUSE-SU-2024:2038-1)
The remote host is missing an update for...
5.3CVSS
5.4AI Score
0.001EPSS
openSUSE: Security Advisory for booth (SUSE-SU-2024:2063-1)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.001EPSS
A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacker....
6.7AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2024:2051-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2051-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the...
6.6AI Score
EPSS
openSUSE: Security Advisory for booth (SUSE-SU-2024:2062-1)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.001EPSS
openSUSE 15 Security Update : gdcm (openSUSE-SU-2024:0167-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2024:0167-1 advisory. - CVE-2024-22373: Fixed out-of-bounds write vulnerability in JPEG2000Codec::DecodeByStreamsCommon (boo#1223398). Tenable has extracted the preceding...
8.1CVSS
7.1AI Score
0.001EPSS
8.3CVSS
8.5AI Score
0.0004EPSS