Lucene search

K

OMICARD EDM 's SMS Security Vulnerabilities

nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (SUSE-SU-2024:1989-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1989-1 advisory. - Bump github.com/containers/image/v5 (bsc#1224119, CVE-2024-3727) - Remove SLE15 SP4 from the distro check (end of general...

8.3CVSS

8.3AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : kernel-rt (RHSA-2024:3854)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3854 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : aws-nitro-enclaves-cli (SUSE-SU-2024:1984-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1984-1 advisory. - CVE-2023-50711: Fixed out of bounds memory accesses in embedded vmm-sys-util (bsc#1218501). Tenable has extracted the...

9.8CVSS

7AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : ruby (RHSA-2024:3838)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3838 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.8CVSS

8.1AI Score

EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 8 : kernel (RHSA-2024:3859)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3859 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SEV-ES / SEV-SNP...

5.6CVSS

8.1AI Score

0.001EPSS

2024-06-12 12:00 AM
openvas
openvas

Microsoft Windows Multiple Vulnerabilities (KB5039225)

This host is missing a critical security update according to Microsoft...

9.8CVSS

7.2AI Score

0.003EPSS

2024-06-12 12:00 AM
20
openvas
openvas

Microsoft Windows Multiple Vulnerabilities (KB5039212)

This host is missing an important security update according to Microsoft...

9.8CVSS

7.2AI Score

0.003EPSS

2024-06-12 12:00 AM
16
nessus
nessus

Amazon Linux 2 : postgresql (ALAS-2024-2567)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2567 advisory. While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to...

8.8CVSS

9.1AI Score

0.015EPSS

2024-06-12 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1978-1)

The remote host is missing an update for...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2024:1976-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1976-1 advisory. - Update to version 2.44.2 (bsc#1225071) - CVE-2024-27834: Fixed a vulnerability where an attacker with...

8.8CVSS

7.6AI Score

0.001EPSS

2024-06-12 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6821-3)

The remote host is missing an update for...

8CVSS

7.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2024:1982-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1982-1 advisory. - CVE-2023-4408: Fixed denial of service during DNS message parsing with different names (bsc#1219851) -...

7.5CVSS

7.6AI Score

0.05EPSS

2024-06-12 12:00 AM
nessus
nessus

Amazon Linux 2 : thunderbird (ALAS-2024-2561)

The version of thunderbird installed on the remote host is prior to 115.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2561 advisory. A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the...

9.1AI Score

0.0004EPSS

2024-06-12 12:00 AM
openvas
openvas

Slackware: Security Advisory (SSA:2024-163-01)

The remote host is missing an update for...

7.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
openvas
openvas

Slackware: Security Advisory (SSA:2024-163-02)

The remote host is missing an update for...

4.4CVSS

7.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6827-1)

The remote host is missing an update for...

5.5CVSS

7.5AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6828-1)

The remote host is missing an update for...

8CVSS

7.5AI Score

EPSS

2024-06-12 12:00 AM
2
openvas
openvas

Microsoft Outlook 2016 Remote Code Execution Vulnerability (KB5002600)

This host is missing an important security update according to Microsoft...

8.8CVSS

7.2AI Score

0.001EPSS

2024-06-12 12:00 AM
2
openvas
openvas

Microsoft Office 2016 Multiple Remote Code Execution Vulnerabilities (KB5002591)

This host is missing an important security update according to Microsoft...

7.8CVSS

7.2AI Score

0.001EPSS

2024-06-12 12:00 AM
2
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (SUSE-SU-2024:1990-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1990-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). -...

7.8CVSS

7AI Score

0.0004EPSS

2024-06-12 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6819-2)

The remote host is missing an update for...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-12 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1976-1)

The remote host is missing an update for...

8.8CVSS

7.5AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 8 : protobuf-c (RHSA-2024:3812)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3812 advisory. The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fix(es): * protobuf-c: unsigned integer overflow in...

5.5CVSS

7AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLES12 Security Update : unrar (SUSE-SU-2024:1975-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1975-1 advisory. - CVE-2024-33899: Fixed a denial of service via ANSI escape squences. (bsc#1225661) Tenable has extracted the preceding description block...

7.4AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2024:1980-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1980-1 advisory. - CVE-2024-4141: Fixed out-of-bounds array write (bsc#1223375). Tenable has extracted the preceding...

2.9CVSS

7.1AI Score

0.0004EPSS

2024-06-12 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1991-1)

The remote host is missing an update for...

7.5CVSS

7.5AI Score

0.05EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 8 / 9 : OpenShift Container Platform 4.15.17 (RHSA-2024:3676)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3676 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

8.1CVSS

8.3AI Score

0.0004EPSS

2024-06-12 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1982-1)

The remote host is missing an update for...

7.5CVSS

7.5AI Score

0.05EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : kernel (RHSA-2024:3855)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3855 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SVM: improper check...

7.8CVSS

7.7AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : c-ares (RHSA-2024:3842)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3842 advisory. The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: Out of...

4.4CVSS

5.6AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

Oracle Linux 9 : containernetworking-plugins (ELSA-2024-3831)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3831 advisory. - rebuild for CVE-2023-45290 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

7.1AI Score

0.0004EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : rmt-server (SUSE-SU-2024:1974-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1974-1 advisory. - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related...

9.8CVSS

7.2AI Score

0.001EPSS

2024-06-12 12:00 AM
2
nessus
nessus

SUSE SLES15 Security Update : glibc (SUSE-SU-2024:1977-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1977-1 advisory. - nscd: Release read lock after resetting timeout - nscd: Fix use-after-free in addgetnetgrentX (BZ #23520) - CVE-2024-33599; nscd:....

8.3AI Score

0.0005EPSS

2024-06-12 12:00 AM
openvas
openvas

Microsoft Windows Multiple Vulnerabilities (KB5039217)

This host is missing an important security update according to Microsoft...

9.8CVSS

7.2AI Score

0.003EPSS

2024-06-12 12:00 AM
16
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1979-1)

The remote host is missing an update for...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1979-1 advisory. The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

7.8CVSS

7.9AI Score

0.001EPSS

2024-06-12 12:00 AM
krebs
krebs

Patch Tuesday, June 2024 “Recall” Edition

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system.....

9.8CVSS

8.9AI Score

0.003EPSS

2024-06-11 10:57 PM
205
ibm
ibm

Security Bulletin: IBM Rational Developer for i is vulnerable to leaked credentials due to a flaw in follow-redirects (CVE-2024-28849).

Summary IBM Rational Developer for i contains Code Coverage functionality which has a browser interface. The browser interface utilizes follow-redirects which could allow a remote attacker to obtain credentials (CVE-2024-28849). This bulletin identifies the steps to take to address the...

6.5CVSS

6.9AI Score

0.0004EPSS

2024-06-11 09:24 PM
4
ibm
ibm

Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway

Summary Security Vulnerabilities in axios affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details ** IBM X-Force ID: 294242 DESCRIPTION: **Node.js Axios module is vulnerable to a denial of service, caused by a prototype pollution in the formDataToJSON function. By.....

8.1AI Score

2024-06-11 08:00 PM
2
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. (CVE-2023-29267)

Summary IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. Vulnerability Details ** CVEID: CVE-2023-29267 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as a trap...

5.3CVSS

6.7AI Score

0.0004EPSS

2024-06-11 07:48 PM
2
cve
cve

CVE-2024-35213

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing...

9CVSS

9.1AI Score

0.0004EPSS

2024-06-11 07:16 PM
23
nvd
nvd

CVE-2024-35213

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing...

9CVSS

0.0004EPSS

2024-06-11 07:16 PM
5
cvelist
cvelist

CVE-2024-35213 Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing...

9CVSS

0.0004EPSS

2024-06-11 06:37 PM
3
qualysblog
qualysblog

Microsoft and Adobe Patch Tuesday, June 2024 Security Update Review

Microsoft's June Patch Tuesday is here, bringing fixes for vulnerabilities impacting its multiple products. This month's release highlights the ongoing battle against cybersecurity threats, from critical updates to important fixes. Let's dive into the crucial insights from Microsoft's Patch...

9.8CVSS

9.3AI Score

0.003EPSS

2024-06-11 06:18 PM
15
cve
cve

CVE-2024-5851

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It....

3.5CVSS

4AI Score

0.0004EPSS

2024-06-11 06:15 PM
29
osv
osv

CVE-2024-5851

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It....

3.5CVSS

6.6AI Score

0.0004EPSS

2024-06-11 06:15 PM
1
cve
cve

CVE-2024-4190

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely...

8.1CVSS

6.2AI Score

0.0004EPSS

2024-06-11 06:15 PM
27
nvd
nvd

CVE-2024-4190

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely...

8.1CVSS

0.0004EPSS

2024-06-11 06:15 PM
2
nvd
nvd

CVE-2024-5851

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It....

3.5CVSS

0.0004EPSS

2024-06-11 06:15 PM
2
cvelist
cvelist

CVE-2024-4190 OpenText ArcSight Logger Stored XSS

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely...

8.1CVSS

0.0004EPSS

2024-06-11 05:48 PM
6
Total number of security vulnerabilities371899