SUSE SLES15 Security Update : gdk-pixbuf (SUSE-SU-2024:1842-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1842-1 advisory. - CVE-2022-48622: Fixed files rejection with multiple anih chunks (bsc#1219276). Tenable has extracted the preceding description block...
6.6AI Score
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : PostgreSQL vulnerability (USN-6802-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6802-1 advisory. Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An...
6.9AI Score
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1766)
The remote host is missing an update for the Huawei...
6.7AI Score
0.001EPSS
Google Chrome < 125.0.6422.141 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 125.0.6422.141. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_05_stable-channel-update-for-desktop_30 advisory. Heap buffer overflow in WebRTC. (CVE-2024-5493) Use after free in Dawn....
8.1AI Score
EulerOS 2.0 SP12 : xorg-x11-server (EulerOS-SA-2024-1758)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash...
8.2AI Score
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies syzbot reported unsafe calls to copy_from_sockptr() [1] Use copy_safe_from_sockptr() instead. [1] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset...
7AI Score
6.7AI Score
0.0004EPSS
EulerOS 2.0 SP12 : libssh2 (EulerOS-SA-2024-1742)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.8AI Score
EulerOS 2.0 SP12 : python-jinja2 (EulerOS-SA-2024-1749)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is...
6.8AI Score
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-1764)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including...
7.7AI Score
Oracle Linux 9 : less (ELSA-2024-3513)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3513 advisory. [590-4] - Fix CVE-2024-32487 - Resolves: RHEL-33773 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note.....
6.3AI Score
openSUSE 15 Security Update : gifsicle (openSUSE-SU-2024:0146-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2024:0146-1 advisory. Update to version 1.95: - CVE-2023-46009: Fixed floating point exception vulnerability via resize_stream at src/xform.c (boo#1216403) Tenable has...
7.5AI Score
SUSE SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2024:0461-2)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0461-2 advisory. - CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576). Tenable has extracted the preceding description block...
7AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2024:1808-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1808-1 advisory. - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). Tenable has...
7AI Score
Oracle Linux 8 : grafana (ELSA-2024-3265)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3265 advisory. [9.2.10-16] - Check OrdID is correct before deleting snapshot - fix CVE-2024-1313 - fix CVE-2024-1394 Tenable has extracted the preceding description...
7.3AI Score
EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2024-1762)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...
7.6AI Score
Veritas NetBackup Improper Access Control (VTS24-004)
The version of Veritas NetBackup installed on the remote host is 9.1.0.1, 10.0, 10.0.0.1, 10.1, 10.1.1, 10.2, 10.2.0.1, 10.3, or 10.3.0.1. It is, therefore, affected by a vulnerability as referenced in the VTS24-004 advisory. A vulnerability was discovered in the Alta Recovery Vault feature of...
6.8AI Score
Google Chrome < 125.0.6422.141 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 125.0.6422.141. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_05_stable-channel-update-for-desktop_30 advisory. Heap buffer overflow in WebRTC. (CVE-2024-5493) Use after free in...
8.4AI Score
SUSE SLES12 Security Update : python3 (SUSE-SU-2024:1843-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1843-1 advisory. - CVE-2024-0450: Fixed detecting the vulnerability of 'quoted-overlap' zipbomb (bsc#1221854). Tenable has extracted the preceding...
6.5AI Score
RHEL 9 : less (RHSA-2024:3513)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3513 advisory. The less utility is a text file browser that resembles more, but allows users to move backwards in the file as well as forwards. Since less does...
7AI Score
Oracle Linux 8 : git-lfs (ELSA-2024-3346)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3346 advisory. [3.4.1-2] - Rebuild with new Golang - Resolves: RHEL-32543, RHEL-28377, RHEL-28399, RHEL-28423 [3.4.1-1] - Update to version 3.4.1 - Resolves:...
7AI Score
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1741)
The remote host is missing an update for the Huawei...
6.8AI Score
0.003EPSS
RHEL 8 : OpenShift Container Platform 4.12.58 (RHSA-2024:3351)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3351 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...
7AI Score
EulerOS 2.0 SP12 : systemd (EulerOS-SA-2024-1779)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they...
7.1AI Score
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1763)
The remote host is missing an update for the Huawei...
7AI Score
0.008EPSS
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1769)
The remote host is missing an update for the Huawei...
6.9AI Score
0.002EPSS
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1727)
The remote host is missing an update for the Huawei...
6.7AI Score
0.0004EPSS
6.7AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1743)
The remote host is missing an update for the Huawei...
6.7AI Score
0.001EPSS
Moderate: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): nghttp2: CONTINUATION frames DoS (CVE-2024-28182) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...
6.5AI Score
0.0004EPSS
7.1AI Score
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1753)
The remote host is missing an update for the Huawei...
7.1AI Score
0.008EPSS
7.5AI Score
6.8AI Score
0.001EPSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory.....
7AI Score
FreeBSD : chromium -- security fix (6926d038-1db4-11ef-9f97-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6926d038-1db4-11ef-9f97-a8a1599412c6 advisory. Chrome Releases reports: This update includes 1 security fix: Tenable has extracted the preceding...
6.4AI Score
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1733)
The remote host is missing an update for the Huawei...
7.1AI Score
0.006EPSS
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1715)
The remote host is missing an update for the Huawei...
6.7AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1719)
The remote host is missing an update for the Huawei...
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1731)
The remote host is missing an update for the Huawei...
7AI Score
0.003EPSS
Huawei EulerOS: Security Advisory for python-pycryptodome (EulerOS-SA-2024-1775)
The remote host is missing an update for the Huawei...
6.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1779)
The remote host is missing an update for the Huawei...
6.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for linux-sgx (EulerOS-SA-2024-1782)
The remote host is missing an update for the Huawei...
6.9AI Score
0.002EPSS
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2024-1754)
The remote host is missing an update for the Huawei...
6.9AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1751)
The remote host is missing an update for the Huawei...
7AI Score
0.003EPSS
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1747)
The remote host is missing an update for the Huawei...
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1745)
The remote host is missing an update for the Huawei...
6.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1774)
The remote host is missing an update for the Huawei...
7AI Score
0.003EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1759)
The remote host is missing an update for the Huawei...
6.9AI Score
0.001EPSS