9.8CVSS
9.2AI Score
0.245EPSS
Summary: IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. Vulnerability Details: CVEID: CVE-2023-30447 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2...
8.8CVSS
8.6AI Score
EPSS
[2.34-60.0.3.7] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode (#2234716). - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet. Reviewed by: Jose E....
7.8CVSS
8AI Score
0.014EPSS
Oracle Linux 8 : glibc (ELSA-2023-5455)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa...
7.8CVSS
7.9AI Score
0.014EPSS
Oracle Linux 9 : glibc (ELSA-2023-5453)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5453 advisory. A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash....
7.8CVSS
8AI Score
0.014EPSS
[SECURITY] [DLA 3601-1] thunderbird security update
Debian LTS Advisory DLA-3601-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.3.1-1~deb10u1 CVE...
9.8CVSS
9.4AI Score
0.245EPSS
[2.28-225.0.4] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....
7.8CVSS
8AI Score
0.014EPSS
8.8CVSS
9AI Score
EPSS
8.8CVSS
8.8AI Score
0.002EPSS
Oracle Linux 8 : glibc (ELSA-2023-12853)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12853 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...
7.8CVSS
8.2AI Score
0.014EPSS
9.8CVSS
9.2AI Score
0.245EPSS
Debian DLA-3601-1 : thunderbird - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3601 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially...
9.8CVSS
9AI Score
0.245EPSS
An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The glibc packages provide the standard C libraries (libc), POSIX thread...
7.8CVSS
7.8AI Score
0.014EPSS
AlmaLinux 8 : glibc (ALSA-2023:5455)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...
7.8CVSS
8AI Score
0.014EPSS
[2.34-60.0.3] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....
7.8CVSS
8AI Score
0.014EPSS
Oracle Linux 9 : glibc (ELSA-2023-12854)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12854 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...
7.8CVSS
8.2AI Score
0.014EPSS
Rocky Linux 8 : glibc (RLSA-2023:5455)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...
7.8CVSS
8AI Score
0.014EPSS
AlmaLinux 9 : glibc (ALSA-2023:5453)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5453 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...
7.8CVSS
8AI Score
0.014EPSS
jobzentrale-sl-fl.de Cross Site Scripting vulnerability OBB-3722461
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
(RHSA-2023:5476) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....
6.8AI Score
0.014EPSS
(RHSA-2023:5455) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...
6.9AI Score
0.014EPSS
(RHSA-2023:5454) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....
8.4AI Score
0.014EPSS
(RHSA-2023:5453) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...
6.9AI Score
0.014EPSS
[2.28-225.0.4] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....
7.8CVSS
8AI Score
0.014EPSS
RHEL 9 : glibc (RHSA-2023:5453)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5453 advisory. glibc: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) glibc: potential use-after-free in getaddrinfo()...
7.8CVSS
8.5AI Score
0.014EPSS
Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....
7.8CVSS
7.8AI Score
0.014EPSS
Oracle Linux 9 : glibc (ELSA-2023-12850)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12850 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...
7.8CVSS
8.2AI Score
0.014EPSS
Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....
7.8CVSS
7.8AI Score
0.014EPSS
Oracle Linux 8 : glibc (ELSA-2023-12851)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12851 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...
7.8CVSS
8.2AI Score
0.014EPSS
RHEL 9 : glibc (RHSA-2023:5454)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5454 advisory. glibc: buffer overflow in ld.so leading to privilege escalation (CVE-2023-4911) Note that Nessus has not tested for this issue but has instead...
7.8CVSS
8.6AI Score
0.014EPSS
[2.34-60.0.3] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....
7.8CVSS
8AI Score
0.014EPSS
RHEL 8 : glibc (RHSA-2023:5455)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5455 advisory. glibc: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) glibc: potential use-after-free in getaddrinfo()...
7.8CVSS
8.5AI Score
0.014EPSS
RHEL 8 : glibc (RHSA-2023:5476)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5476 advisory. glibc: buffer overflow in ld.so leading to privilege escalation (CVE-2023-4911) Note that Nessus has not tested for this issue but has instead...
7.8CVSS
8.6AI Score
0.014EPSS
No zero address check in PrimeLiquidityProvider.sol:sweepTokens
Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address(0), the developer's assumption is that safeTransfer is checking for to_ not being the address(0). In reality, it doesn’t implement such a check and we can see from the implementation of the...
7.2AI Score
9.8CVSS
9.2AI Score
0.245EPSS
[SECURITY] [DSA 5513-1] thunderbird security update
Debian Security Advisory DSA-5513-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 03, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-5176 CVE-2023-5171...
9.8CVSS
7.3AI Score
0.001EPSS
Releases Ubuntu 23.04 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
9.8CVSS
10AI Score
0.245EPSS
Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-359)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-359 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via...
7.8CVSS
7.9AI Score
0.014EPSS
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6404-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6404-1 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially...
9.8CVSS
9.3AI Score
0.245EPSS
Debian DSA-5513-1 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5513 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially...
9.8CVSS
9.5AI Score
0.001EPSS
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...
9.8CVSS
9.9AI Score
0.245EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Thunderbird vulnerabilities (USN-6405-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6405-1 advisory. During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This...
9.8CVSS
9.5AI Score
0.245EPSS
8.8CVSS
9.2AI Score
0.245EPSS
8.8CVSS
9.2AI Score
0.245EPSS
9.8CVSS
9.4AI Score
0.001EPSS
[SECURITY] [DLA 3591-1] firefox-esr security update
Debian LTS Advisory DLA-3591-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 30, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.3.1esr-1~deb10u1 CVE...
8.8CVSS
9.5AI Score
0.245EPSS
Debian DSA-5509-1 : firefox-esr - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5509 advisory. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap...
8.8CVSS
9.3AI Score
0.245EPSS
Debian DLA-3591-1 : firefox-esr - LTS security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3591 advisory. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap...
8.8CVSS
9.3AI Score
0.245EPSS
[SECURITY] [DSA 5510-1] libvpx security update
Debian Security Advisory DSA-5510-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 29, 2023 https://www.debian.org/security/faq Package : libvpx CVE ID : CVE-2023-5217 Debian Bug :...
8.8CVSS
7.8AI Score
0.245EPSS
[SECURITY] [DSA 5509-1] firefox-esr security update
Debian Security Advisory DSA-5509-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 29, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-5217 A buffer...
8.8CVSS
9.5AI Score
0.245EPSS