SCALANCE X307-2 EEC (2x 230V, Coated) Security Vulnerabilities

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2

CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2022-3697 affecting package ansible 2.9.27-2

CVE-2022-3697 affecting package ansible 2.9.27-2. No patch is available...

CVE-2022-21628 affecting package openjdk8 1.8.0.332-2

CVE-2022-21628 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-41715 affecting package golang 1.17.13-2

CVE-2022-41715 affecting package golang 1.17.13-2. No patch is available...

CVE-2022-2879 affecting package golang 1.17.13-2

CVE-2022-2879 affecting package golang 1.17.13-2. No patch is available...

CVE-2022-21541 affecting package openjdk8 1.8.0.332-2

CVE-2022-21541 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-46908 affecting package sqlite 3.34.1-2

CVE-2022-46908 affecting package sqlite 3.34.1-2. This CVE either no longer is or was never...

CVE-2023-0286 affecting package cloud-hypervisor 22.0-2

CVE-2023-0286 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2023-21830 affecting package openjdk8 1.8.0.332-2

CVE-2023-21830 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2023-21843 affecting package openjdk8 1.8.0.332-2

CVE-2023-21843 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-21619 affecting package openjdk8 1.8.0.332-2

CVE-2022-21619 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-2880 affecting package golang 1.17.13-2

CVE-2022-2880 affecting package golang 1.17.13-2. No patch is available...

CVE-2022-38126 affecting package binutils 2.36.1-2

CVE-2022-38126 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2022-34169 affecting package openjdk8 1.8.0.332-2

CVE-2022-34169 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2022-38128 affecting package binutils 2.36.1-2

CVE-2022-38128 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2021-34141 affecting package numpy 1.16.6-2

CVE-2021-34141 affecting package numpy 1.16.6-2. This CVE either no longer is or was never...

CVE-2022-38127 affecting package binutils 2.36.1-2

CVE-2022-38127 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2022-21540 affecting package openjdk8 1.8.0.332-2

CVE-2022-21540 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2022-21624 affecting package openjdk8 1.8.0.332-2

CVE-2022-21624 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2022-27664 affecting package golang 1.17.13-2

CVE-2022-27664 affecting package golang 1.17.13-2. No patch is available...

CVE-2021-41495 affecting package numpy 1.16.6-2

CVE-2021-41495 affecting package numpy 1.16.6-2. No patch is available...

CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2

CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2. No patch is available...

CVE-2018-25032 affecting package openjdk8 for versions less than 1.8.0.332-2

CVE-2018-25032 affecting package openjdk8 for versions less than 1.8.0.332-2. A patched version of the package is...

CVE-2022-41722 affecting package golang 1.17.13-2

CVE-2022-41722 affecting package golang 1.17.13-2. No patch is available...

CVE-2022-41724 affecting package golang 1.17.13-2

CVE-2022-41724 affecting package golang 1.17.13-2. No patch is available...

CVE-2022-43410 affecting package mercurial 5.4-2

CVE-2022-43410 affecting package mercurial 5.4-2. No patch is available...

CVE-2022-21626 affecting package openjdk8 1.8.0.332-2

CVE-2022-21626 affecting package openjdk8 1.8.0.332-2. No patch is available...

CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2

CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2. A patched version of the package is...

CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2

CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2. A patched version of the package is...

CVE-2023-48795 affecting package nmap for versions less than 7.93-2

CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is...

CVE-2024-3123 CHANGING Mobile One Time Password - Arbitrary File Upload

CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...

CVE-2024-3122 CHANGING Mobile One Time Password - Arbitrary File Reading

CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...

Exploit for Improper Preservation of Permissions in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the...

Fedora 40 : mingw-poppler (2024-94068499c9)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-94068499c9 advisory. Backport fix for CVE-2024-6239. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

tryton-server - security update

Bulletin has no...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246-mitigation This project is a Maven-based...

FreeBSD : electron29 -- multiple vulnerabilities (0e73964d-053a-481a-bf1c-202948d68484)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0e73964d-053a-481a-bf1c-202948d68484 advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

FreeBSD : frr - Multiple vulnerabilities (07f0ea8c-356a-11ef-ac6d-a0423f48a938)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 07f0ea8c-356a-11ef-ac6d-a0423f48a938 advisory. [email protected] reports: In FRRouting (FRR) through 9.1, there are multiples vulnerabilities. ...

Exploit for CVE-2024-34102

🚨 CVE-2024-34102 Exploit Script 🚨 Description This...

CVE-2024-37371

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Open Container Initiative runc

Summary Multiple vulnerabilities in Open Container Initiative runc used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2024-21626 DESCRIPTION: **Open Container Initiative runc could allow a remote attacker to bypass security restrictions, caused by an...

CVE-2024-38533

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version...

CVE-2024-38533

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version...

CVE-2024-37370

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...

CVE-2024-38533 ZKsync Era invalid stack addressing conversion

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version...

CVE-2024-29040

This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....