5.3CVSS
7.1AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGS_SYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGS_SYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as...
6.8AI Score
0.0004EPSS
Debian dla-3851 : gunicorn - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3851 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3851-1 [email protected] ...
7.5CVSS
6.6AI Score
0.0004EPSS
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to...
7.1AI Score
0.0004EPSS
Fedora 40 : libreswan (2024-05a6ab143e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-05a6ab143e advisory. Update to 4.15 for CVE-2024-3652 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
7.7AI Score
0.0004EPSS
Debian dla-3853 : tryton-server - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3853 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3853-1 [email protected] ...
6.9AI Score
Siemens Automation License Manager Remote Detection
The Siemens Automation License Manager is running on the remote...
7.4AI Score
Debian dla-3854 : tryton-client - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3854 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3854-1 [email protected] ...
7AI Score
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0713)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0713 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0712)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0712 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0710)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0710 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an...
6.5CVSS
7.5AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0704)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0704 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially...
8.8CVSS
7.8AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0703)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0703 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and...
8CVSS
7.8AI Score
EPSS
Debian dsa-5724 : openssh-client - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5724 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5724-1 [email protected] ...
8.1CVSS
8.3AI Score
EPSS
K000140222: OpenSSH server vulnerability CVE-2024-6387
Security Advisory Description A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler...
8.1CVSS
6.7AI Score
EPSS
7.8CVSS
8.9AI Score
EPSS
7.2AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
6.5CVSS
7.1AI Score
0.0005EPSS
7AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
8.1CVSS
6.8AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs t...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290....
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9_client_rpc() Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline] BUG: KMSAN: uninit-value in...
6.9AI Score
0.0004EPSS
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element. NOTE: the supplier disputes this CVE Record on the grounds that they are implementing the specification "correctly".....
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() syzbot reports a kernel bug as below: F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4...
6.8AI Score
0.0004EPSS
GLSA-202407-06 : cryptography: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202407-06 (cryptography: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in cryptography. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description...
9.1CVSS
7.8AI Score
0.008EPSS
GLSA-202407-03 : Liferea: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202407-03 (Liferea: Remote Code Execution) A vulnerability has been discovered in Liferea. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...
9.8CVSS
7.5AI Score
0.003EPSS
A scikit-learn Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version...
7.4AI Score
Fedora 39 : mingw-gstreamer1 / mingw-gstreamer1-plugins-bad-free / etc (2024-919bc7e512)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-919bc7e512 advisory. Update to gstreamer-1.22.9. ---- Backport fix for CVE-2024-0444. Tenable has extracted the preceding description block directly from the Fedora...
7.8CVSS
7.4AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1866)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1875)
The remote host is missing an update for the Huawei...
7.8CVSS
7.9AI Score
0.0005EPSS
6.7AI Score
EPSS
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1868)
The remote host is missing an update for the Huawei...
5.5CVSS
5.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1852)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)
The remote host is missing an update for the Huawei...
7.5CVSS
8.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1862)
The remote host is missing an update for the Huawei...
6.5CVSS
6.9AI Score
0.003EPSS
A Horovod Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version...
7.4AI Score
7.3AI Score
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0715)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0715 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
7AI Score
EPSS
GLSA-202407-09 : OpenSSH: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202407-09 (OpenSSH: Remote Code Execution) A vulnerability has been discovered in OpenSSH. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...
7.9AI Score
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0714)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0714 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:04.openssh Security Advisory The FreeBSD Project Topic: OpenSSH pre-authentication remote code execution Category: contrib Module: openssh Announced:...
8.1CVSS
8.5AI Score
EPSS
7.2AI Score
0.0004EPSS
7AI Score
0.0004EPSS
7AI Score
0.0004EPSS