7.5AI Score
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1759)
The remote host is missing an update for the Huawei...
7.5CVSS
6.9AI Score
0.001EPSS
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-1741)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including...
7.8CVSS
7.8AI Score
EPSS
8.4CVSS
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1712)
The remote host is missing an update for the Huawei...
7.5CVSS
7.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1723)
The remote host is missing an update for the Huawei...
7.5CVSS
7.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1736)
The remote host is missing an update for the Huawei...
7.5CVSS
6.9AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1734)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1743)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
6.5AI Score
0.001EPSS
EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1736)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect domain; is configured,...
7.5CVSS
7AI Score
0.001EPSS
6.2CVSS
6.7AI Score
0.0005EPSS
8.4CVSS
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1728)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
8.4CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When keeping the upper end of a cache block entry, the entry[] array must be indexed by the offset from the base register of the block, i.e. max - mas.index. The code...
7.6AI Score
0.0004EPSS
7.8CVSS
7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized. When the inode gets evicted, references to...
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1735)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
EPSS
EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1766)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
6.5AI Score
0.001EPSS
9CVSS
6.7AI Score
0.002EPSS
6.2CVSS
6.7AI Score
0.0005EPSS
EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1759)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect domain; is configured,...
7.5CVSS
7AI Score
0.001EPSS
7.8CVSS
7.1AI Score
0.001EPSS
Summary This Security Bulletin addresses security vulnerabilities related to HTTP responses that would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information (CVE-2022-43841, CVE-2024-24795, CVE-2023-38709)....
4CVSS
6.5AI Score
0.0004EPSS
MinIO information disclosure vulnerability
Impact If-Modified-Since If-Unmodified-Since Headers when used with anonymous requests by sending a random object name requests you can figure out if the object exists or not on the server on a specific bucket and also gain access to some amount of information such as Last-Modified (of the...
5.3CVSS
6.2AI Score
0.0004EPSS
MinIO information disclosure vulnerability
Impact If-Modified-Since If-Unmodified-Since Headers when used with anonymous requests by sending a random object name requests you can figure out if the object exists or not on the server on a specific bucket and also gain access to some amount of information such as Last-Modified (of the...
5.3CVSS
6.9AI Score
0.0004EPSS
Protect and Elevate Your DNS with Akamai Shield NS53
Learn how Akamai Shield NS53 can protect your capital investment into on-premises DNS infrastructure and significantly improve...
7.3AI Score
Summary This fix upgrades to Node.js 18.20.3 and Websphere Liberty 24.0.0.5. Node.js is used by all IBM Answer Retrieval for Watson Discovery user interfaces. Websphere Liberty is used by the IBM Answer Retrieval for Watson Discovery swagger microservice. There are two categories of...
7.5CVSS
8.3AI Score
EPSS
(RHSA-2024:3464) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...
8.7AI Score
0.0005EPSS
EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2024-1712)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...
7.5CVSS
7.3AI Score
0.05EPSS
EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...
8CVSS
7.2AI Score
EPSS
EulerOS Virtualization 2.11.0 : libuv (EulerOS-SA-2024-1728)
According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...
7.3CVSS
6.5AI Score
0.001EPSS
EulerOS Virtualization 2.11.1 : libuv (EulerOS-SA-2024-1717)
According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...
7.3CVSS
6.9AI Score
0.001EPSS
EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2024-1723)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...
7.5CVSS
7.4AI Score
0.05EPSS
EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...
8CVSS
7.2AI Score
EPSS
RHEL 8 : glibc (RHSA-2024:3464)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3464 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the...
8.3AI Score
0.0005EPSS
idm:DL1 and idm:client security update
bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc: invalidate forest trust intfo cache when filtering out realm domains Resolves: RHEL-28559 - Backport latests test fixes in python3-tests ipatests: add xfail for...
6.8CVSS
6.7AI Score
0.0004EPSS
Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID:...
10CVSS
9.3AI Score
EPSS
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...
5.3CVSS
5.1AI Score
0.0004EPSS
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...
5.3CVSS
6.5AI Score
0.0004EPSS
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...
5.3CVSS
7AI Score
0.0004EPSS
CVE-2024-36107 Information disclosure in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...
5.3CVSS
5.1AI Score
0.0004EPSS
7.5CVSS
7.3AI Score
0.013EPSS
(RHSA-2024:3426) Important: varnish:6 security update
Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...
6.8AI Score
0.0004EPSS
(RHSA-2024:3423) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...
7.2AI Score
0.0005EPSS
(RHSA-2024:3411) Important: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...
7.2AI Score
0.0005EPSS
(RHSA-2024:3392) Important: pcp security update
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....
7.2AI Score
0.0004EPSS
Campbell Scientific CSI Web Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Campbell Scientific Equipment: CSI Web Server Vulnerabilities: Path Traversal, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
8.1AI Score
0.0004EPSS
silverstripe/framework is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing XML size checks, which allows an attacker to significantly degrade the performance of the site through a Quadratic Blowup...
6.8AI Score