5.6CVSS
5.7AI Score
0.0004EPSS
openSUSE: Security Advisory for openssl (SUSE-SU-2024:2059-1)
The remote host is missing an update for...
6.7AI Score
EPSS
openSUSE: Security Advisory for libaom (SUSE-SU-2024:2056-1)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
7.3CVSS
7.3AI Score
0.003EPSS
openSUSE 15 Security Update : gdcm (openSUSE-SU-2024:0167-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0167-1 advisory. - CVE-2024-22373: Fixed out-of-bounds write vulnerability in JPEG2000Codec::DecodeByStreamsCommon (boo#1223398). Tenable has extracted the preceding...
8.1CVSS
7.1AI Score
0.001EPSS
SUSE SLES12 Security Update : python-requests (SUSE-SU-2024:2068-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2068-1 advisory. - CVE-2024-35195: Fixed cert verification regardless of changes to the value of verify (bsc#1224788). Tenable has extracted the preceding...
5.6CVSS
6.9AI Score
0.0004EPSS
7.3CVSS
7.3AI Score
0.003EPSS
openSUSE: Security Advisory for booth (SUSE-SU-2024:2040-1)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.001EPSS
AlmaLinux 9 : firefox (ALSA-2024:3955)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3955 advisory. * firefox: Use-after-free in networking (CVE-2024-5702) * firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688) * firefox: External...
7.6AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libaom (SUSE-SU-2024:2056-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2056-1 advisory. - CVE-2024-5171: Fixed heap buffer overflow in img_alloc_helper() caused by integer overflow ...
7.5AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : booth (SUSE-SU-2024:2063-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2063-1 advisory. - CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server....
5.9CVSS
5.7AI Score
0.001EPSS
8.3CVSS
8.5AI Score
0.0004EPSS
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3968)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3968 advisory. aardvark-dns [2:1.10.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 [2:1.9.0-1] -...
4.9CVSS
7.5AI Score
0.0005EPSS
[2.17-326.0.9.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0.9 - OraBug 35517820 Reworked previous patch for OraBug 35318841 and removed free() of stack allocations. Reviewed-by: Jose E....
6.8AI Score
0.0005EPSS
openSUSE: Security Advisory for booth (SUSE-SU-2024:2042-1)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.001EPSS
Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6818-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
7.2AI Score
0.001EPSS
3.3CVSS
7.1AI Score
0.0004EPSS
SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2024:2074-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2074-1 advisory. - CVE-2023-52890: Fixed use-after-free in 'ntfs_uppercase_mbs' in unistr.c (bsc#1226007). Tenable has extracted the...
7.2AI Score
0.0004EPSS
Fedora 40 : composer (2024-9ed24c98cd)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 * Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241 ) *...
8.8CVSS
9.3AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : less (SUSE-SU-2024:2060-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2060-1 advisory. - CVE-2024-32487: Fixed OS command injection via a newline character in the file name. (bsc#1222849) ...
7.5AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:2073-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2073-1 advisory. - Update to version 115.12.0 ESR (bsc#1226027) - CVE-2024-5702: Use-after-free in networking -.....
7.7AI Score
0.0004EPSS
openSUSE: Security Advisory for bouncycastle (SUSE-SU-2024:1539-2)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
openSUSE: Security Advisory for openssl (SUSE-SU-2024:2066-1)
The remote host is missing an update for...
6.7AI Score
EPSS
openSUSE: Security Advisory for python (SUSE-SU-2024:2064-1)
The remote host is missing an update for...
7.5CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.1AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Authlib (SUSE-SU-2024:2064-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2064-1 advisory. - Update to version 1.3.1 - CVE-2024-37568: Fixed algorithm confusion with asymmetric public keys....
7.5CVSS
7AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:2061-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2061-1 advisory. - Update to version 115.12.0 ESR (bsc#1226027) - CVE-2024-5702: Use-after-free in networking -.....
7.7AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle (SUSE-SU-2024:1539-2)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1539-2 advisory. Update to version 1.78.1, including fixes for: - CVE-2024-30171: Fixed timing side-channel attacks...
6.6AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
Ubuntu 20.04 LTS : Git vulnerability (USN-6793-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6793-2 advisory. USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It...
9CVSS
9.6AI Score
0.002EPSS
Oracle Linux 7 : glibc (ELSA-2024-12444)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12444 advisory. [2.17-326.0.9.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history: ...
9.8CVSS
9.7AI Score
0.009EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2024:2065-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2065-1 advisory. - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with...
6.9AI Score
0.0004EPSS
openSUSE: Security Advisory for php8 (SUSE-SU-2024:2039-1)
The remote host is missing an update for...
5.3CVSS
5.4AI Score
0.001EPSS
openSUSE: Security Advisory for openssl (SUSE-SU-2024:2051-1)
The remote host is missing an update for...
6.7AI Score
EPSS
openSUSE: Security Advisory for podman (SUSE-SU-2024:2050-1)
The remote host is missing an update for...
8.3CVSS
7.4AI Score
0.0004EPSS
Debian dsa-5716 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5716 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5716-1 [email protected] ...
8.8CVSS
9.7AI Score
0.001EPSS
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
8.8CVSS
0.001EPSS
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
8.8CVSS
7.8AI Score
0.001EPSS
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
8.8CVSS
7.8AI Score
0.001EPSS
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
8.8CVSS
0.001EPSS
Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...
8.8CVSS
0.001EPSS
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...
8.8CVSS
7.8AI Score
0.001EPSS
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...
8.8CVSS
0.001EPSS
USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This...
9CVSS
7.6AI Score
0.002EPSS
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information...
7.4CVSS
0.0004EPSS
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information...
7.4CVSS
7.2AI Score
0.0004EPSS
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information...
7.4CVSS
6.4AI Score
0.0004EPSS
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information...
7.4CVSS
0.0004EPSS
Minder affected by denial of service from maliciously configured Git repository
Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on these lines:...
5.7CVSS
6.4AI Score
0.0004EPSS
Minder affected by denial of service from maliciously configured Git repository
Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the github.com/go-git/go-git/v5 library on these lines:...
5.7CVSS
6.7AI Score
0.0004EPSS