openSUSE: Security Advisory for mariadb (SUSE-SU-2024:1985-1)
The remote host is missing an update for...
4.9CVSS
5.5AI Score
0.001EPSS
openSUSE: Security Advisory for kernel (SUSE-SU-2024:2005-1)
The remote host is missing an update for...
7.8CVSS
7.7AI Score
0.0004EPSS
openSUSE: Security Advisory for cups (SUSE-SU-2024:2003-1)
The remote host is missing an update for...
4.4CVSS
7.1AI Score
0.0004EPSS
openSUSE: Security Advisory for aws (SUSE-SU-2024:1984-1)
The remote host is missing an update for...
9.8CVSS
9.6AI Score
0.001EPSS
openSUSE: Security Advisory for tiff (SUSE-SU-2024:2028-1)
The remote host is missing an update for...
5.5CVSS
7.1AI Score
0.0004EPSS
Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image...
7.4AI Score
0.0004EPSS
Metasploit Weekly Wrap-Up 06/14/2024
New module content (5) Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: #19242 contributed by zeroSteiner Path: scanner/http/telerik_report_server_auth_bypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for...
9.9CVSS
8.2AI Score
0.938EPSS
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles...
7.7AI Score
0.0004EPSS
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles...
0.0004EPSS
linux-azure, linux-azure-fde vulnerabilities
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros...
8CVSS
8.2AI Score
0.0004EPSS
rpm-ostree bug fix and enhancement update
An update is available for rpm-ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rpm-ostree tool binds together the RPM packaging model with the...
7.4AI Score
podman security and bug fix update
An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of....
4.9CVSS
5.5AI Score
0.0005EPSS
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
5.3CVSS
5.8AI Score
0.0004EPSS
An update is available for less. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The "less" utility is a text file browser that resembles "more", but allows...
7.3AI Score
0.0004EPSS
rteval bug fix and enhancement update
An update is available for rteval. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....
6.8AI Score
python3.12-pip bug fix and enhancement update
An update is available for python3.12-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
pixman bug fix and enhancement update
An update is available for pixman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....
6.8AI Score
container-tools:rhel8 security update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
8.6CVSS
6AI Score
0.002EPSS
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs....
8.8CVSS
8.9AI Score
0.0005EPSS
An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico,....
5.3CVSS
6.7AI Score
0.0004EPSS
pki-core:10.6 and pki-deps:10.6 security update
An update is available for module.slf4j, xerces-j2, javassist, xml-commons-resolver, xml-commons-apis, module.jackson-jaxrs-providers, module.xsom, apache-commons-lang, velocity, module.apache-commons-collections, jackson-core, module.stax-ex, module.jackson-core, pki-core,...
7.5CVSS
7.1AI Score
0.002EPSS
gstreamer1-plugins-good security update
An update is available for gstreamer1-plugins-good. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of.....
7.6CVSS
6.9AI Score
0.0005EPSS
gcc-toolset-13-gdb bug fix and enhancement update
An update is available for gcc-toolset-13-gdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
6.8AI Score
An update is available for exempi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Exempi provides a library for easy parsing of XMP metadata. Security...
6.5CVSS
6.7AI Score
0.001EPSS
An update is available for LibRaw. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibRaw is a library for reading RAW files obtained from digital photo cameras....
7.8CVSS
7.1AI Score
0.001EPSS
python39:3.9 and python39-devel:3.9 security update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...
8.1CVSS
7.1AI Score
0.005EPSS
python39:3.9 and python39-devel:3.9 security update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...
7.8CVSS
7.7AI Score
EPSS
idm:DL1 and idm:client security update
An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...
6.8CVSS
6.8AI Score
0.0004EPSS
virt:rhel and virt-devel:rhel security and enhancement update
An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...
7CVSS
7.4AI Score
0.002EPSS
virt:rhel and virt-devel:rhel security update
An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...
6.2CVSS
6.8AI Score
0.001EPSS
An update is available for python-jinja2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-jinja2 package contains Jinja2, a template engine written...
6.1CVSS
6.6AI Score
0.001EPSS
shared-mime-info bug fix and enhancement update
An update is available for shared-mime-info. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky.....
6.8AI Score
An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tuned packages provide a service that tunes system settings according to a....
7.2AI Score
numactl bug fix and enhancement update
An update is available for numactl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
tuned bug fix and enhancement update
An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....
6.8AI Score
Snipe-IT allows users to promote or demote themselves or other users
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it: from v4.6.17 through...
7.6CVSS
6.8AI Score
0.0004EPSS
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it: from v4.6.17 through...
7.6CVSS
6.9AI Score
0.0004EPSS
curl: Denial of Service in curl Request - HTTP headers eat all memory
Summary: Curl's unrestricted header storage lets malicious servers overwhelm memory, leading to out of Memory ( DOS) . When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit on how many....
7AI Score
curl: Incorrect Encoding Conversion in hostname results in indeterminate SSRF vulnerabilities
Summary: Best-Fit is a character mapping strategy designed to resolve the issue when characters in the source code page lack a direct equivalent in the target code page. During the conversion of characters from a Unicode code page to a non-Unicode code page, if a corresponding character cannot be.....
9.8CVSS
7.2AI Score
0.973EPSS
[SECURITY] Fedora 39 Update: cyrus-imapd-3.8.3-1.fc39
The Cyrus IMAP (Internet Message Access Protocol) server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contac ts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use...
6.5CVSS
7.1AI Score
0.0005EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
6.4AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: cyrus-imapd-3.8.3-1.fc40
The Cyrus IMAP (Internet Message Access Protocol) server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contac ts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use...
6.5CVSS
7.1AI Score
0.0005EPSS
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897) * python-cryptography: memory corruption via...
8.1CVSS
7.6AI Score
0.005EPSS
SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
SolarWinds Serv-U versions prior to 15.4.2 HF 2 is vulnerable to a directory traversal allowing an unauthenticated attacker to access sensitive files via a specially crafted...
7.2AI Score
7.4AI Score
Apple TV < 19K53 Multiple Vulnerabilities (HT212980)
According to its banner, the version of Apple TV on the remote device is prior to 19K53. It is therefore affected by multiple vulnerabilities as described in the...
8.8CVSS
7.2AI Score
0.007EPSS
Rocky Linux 8 : python-jinja2 (RLSA-2024:3102)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3102 advisory. * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195) Tenable has extracted the preceding description block...
6.1CVSS
6.6AI Score
0.001EPSS
Linux kernel (Azure) vulnerabilities
Releases Ubuntu 22.04 LTS Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems Details It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a...
8CVSS
8.4AI Score
0.0004EPSS