podman security and bug fix update
An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of....
4.9CVSS
5.5AI Score
0.0005EPSS
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
5.3CVSS
5.8AI Score
0.0004EPSS
An update is available for less. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The "less" utility is a text file browser that resembles "more", but allows...
7.3AI Score
0.0004EPSS
rteval bug fix and enhancement update
An update is available for rteval. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....
6.8AI Score
pixman bug fix and enhancement update
An update is available for pixman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....
6.8AI Score
container-tools:rhel8 security update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
8.6CVSS
6AI Score
0.002EPSS
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs....
8.8CVSS
8.9AI Score
0.0005EPSS
An update is available for module.pyusb, module.opendnssec, custodia, module.custodia, pyusb, module.python-kdcproxy, module.slapi-nis, opendnssec, python-yubico, slapi-nis, ipa-healthcheck, softhsm, module.python-qrcode, module.softhsm, module.ipa-healthcheck, python-qrcode, module.python-yubico,....
5.3CVSS
6.7AI Score
0.0004EPSS
python3.12-pip bug fix and enhancement update
An update is available for python3.12-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
pki-core:10.6 and pki-deps:10.6 security update
An update is available for module.slf4j, xerces-j2, javassist, xml-commons-resolver, xml-commons-apis, module.jackson-jaxrs-providers, module.xsom, apache-commons-lang, velocity, module.apache-commons-collections, jackson-core, module.stax-ex, module.jackson-core, pki-core,...
7.5CVSS
7.1AI Score
0.002EPSS
gstreamer1-plugins-good security update
An update is available for gstreamer1-plugins-good. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of.....
7.6CVSS
6.9AI Score
0.0005EPSS
An update is available for exempi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Exempi provides a library for easy parsing of XMP metadata. Security...
6.5CVSS
6.7AI Score
0.001EPSS
python39:3.9 and python39-devel:3.9 security update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...
8.1CVSS
7.1AI Score
0.005EPSS
gcc-toolset-13-gdb bug fix and enhancement update
An update is available for gcc-toolset-13-gdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
6.8AI Score
An update is available for LibRaw. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibRaw is a library for reading RAW files obtained from digital photo cameras....
7.8CVSS
7.1AI Score
0.001EPSS
virt:rhel and virt-devel:rhel security update
An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...
6.2CVSS
6.8AI Score
0.001EPSS
idm:DL1 and idm:client security update
An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...
6.8CVSS
6.8AI Score
0.0004EPSS
virt:rhel and virt-devel:rhel security and enhancement update
An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...
7CVSS
7.4AI Score
0.002EPSS
python39:3.9 and python39-devel:3.9 security update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python3x-setuptools, python-requests, python-psutil, numpy, module.python-ply, module.python-psutil, module.python-pycparser, module.python-cffi,...
7.8CVSS
7.7AI Score
EPSS
An update is available for python-jinja2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-jinja2 package contains Jinja2, a template engine written...
6.1CVSS
6.6AI Score
0.001EPSS
shared-mime-info bug fix and enhancement update
An update is available for shared-mime-info. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky.....
6.8AI Score
An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tuned packages provide a service that tunes system settings according to a....
7.2AI Score
numactl bug fix and enhancement update
An update is available for numactl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
tuned bug fix and enhancement update
An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....
6.8AI Score
Snipe-IT allows users to promote or demote themselves or other users
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it: from v4.6.17 through...
7.6CVSS
6.8AI Score
0.0004EPSS
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it: from v4.6.17 through...
7.6CVSS
6.9AI Score
0.0004EPSS
curl: Denial of Service in curl Request - HTTP headers eat all memory
Summary: Curl's unrestricted header storage lets malicious servers overwhelm memory, leading to out of Memory ( DOS) . When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit on how many....
7AI Score
curl: Incorrect Encoding Conversion in hostname results in indeterminate SSRF vulnerabilities
Summary: Best-Fit is a character mapping strategy designed to resolve the issue when characters in the source code page lack a direct equivalent in the target code page. During the conversion of characters from a Unicode code page to a non-Unicode code page, if a corresponding character cannot be.....
9.8CVSS
7.2AI Score
0.973EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
6.4AI Score
0.0004EPSS
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
SolarWinds Serv-U versions prior to 15.4.2 HF 2 is vulnerable to a directory traversal allowing an unauthenticated attacker to access sensitive files via a specially crafted...
7.2AI Score
7.4AI Score
Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....
8CVSS
8.2AI Score
0.0004EPSS
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles...
0.0004EPSS
Rocky Linux 8 : idm:DL1 and idm:client (RLSA-2024:3267)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3267 advisory. * JWCrypto: denail of service Via specifically crafted JWE (CVE-2023-6681) * python-jwcrypto: malicious JWE token can cause denial of service...
6.8CVSS
7AI Score
0.0004EPSS
Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2985 advisory. * pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py (CVE-2022-40897) * python-cryptography: memory corruption via...
8.1CVSS
7.6AI Score
0.005EPSS
Rocky Linux 8 : python-jinja2 (RLSA-2024:3102)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:3102 advisory. * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195) Tenable has extracted the preceding description block...
6.1CVSS
6.6AI Score
0.001EPSS
9.8CVSS
7.4AI Score
0.005EPSS
Linux kernel (Azure) vulnerabilities
Releases Ubuntu 22.04 LTS Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems Details It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a...
8CVSS
8.4AI Score
0.0004EPSS
Apple TV < 19K53 Multiple Vulnerabilities (HT212980)
According to its banner, the version of Apple TV on the remote device is prior to 19K53. It is therefore affected by multiple vulnerabilities as described in the...
8.8CVSS
7.2AI Score
0.007EPSS
5.5CVSS
7.4AI Score
0.002EPSS
AlmaLinux 9 : podman (ALSA-2024:3826)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3826 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods....
4.9CVSS
5.9AI Score
0.0005EPSS
7.4AI Score
SUSE SLES12 Security Update : php8 (SUSE-SU-2024:2027-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2027-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted the...
5.3CVSS
9.5AI Score
0.001EPSS
Apple TV < 15.5 Multiple Vulnerabilities (HT213254)
According to its banner, the version of Apple TV on the remote device is prior to 15.5. It is therefore affected by multiple vulnerabilities as described in the...
9.8CVSS
9AI Score
0.016EPSS
7.1AI Score
0.0004EPSS
Rocky Linux 8 : idm:DL1 (RLSA-2024:3044)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3044 advisory. * freeipa: specially crafted HTTP requests potentially lead to denial of service (CVE-2024-1481) Tenable has extracted the preceding description block directly...
5.3CVSS
6.8AI Score
0.0004EPSS
7.4AI Score
9.8CVSS
7.4AI Score
0.919EPSS