Lucene search

K

VMware Workstation, VMware Fusion Security Vulnerabilities

osv
osv

linux-azure, linux-gke vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Zheng Wang discovered that the...

7.8CVSS

8.3AI Score

0.0005EPSS

2024-06-14 05:24 PM
rocky
rocky

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....

5.4CVSS

7AI Score

0.0004EPSS

2024-06-14 02:00 PM
1
rocky
rocky

fence-agents security and bug fix update

An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....

6.1CVSS

6.8AI Score

0.001EPSS

2024-06-14 01:59 PM
1
rocky
rocky

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of.....

7AI Score

0.0004EPSS

2024-06-14 01:59 PM
nessus
nessus

Rocky Linux 8 : fence-agents (RLSA-2024:2968)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2968 advisory. * urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803) * pycryptodome: side-channel...

6.1CVSS

6.1AI Score

0.001EPSS

2024-06-14 12:00 AM
2
nessus
nessus

AlmaLinux 9 : fence-agents (ALSA-2024:3820)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the AlmaLinux...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
2
nessus
nessus

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...

7.8CVSS

8.5AI Score

0.0005EPSS

2024-06-14 12:00 AM
nessus
nessus

Rocky Linux 9 : fence-agents (RLSA-2024:3820)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3820 advisory. * jinja2: accepts keys containing non-attribute characters (CVE-2024-34064) Tenable has extracted the preceding description block directly from the Rocky Linux...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-14 12:00 AM
1
talosblog
talosblog

Operation Celestial Force employs mobile and desktop malware to target Indian entities

By Gi7w0rm, Asheer Malhotra and Vitor Ventura. Cisco Talos is disclosing a new malware campaign called "Operation Celestial Force" running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track...

7.2AI Score

2024-06-13 10:00 AM
1
ibm
ibm

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to VMware Tanzu Spring

Summary There are vulnerabilities in VMware Tanzu Spring Security and Framework used by Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details ** CVEID:...

8.2CVSS

7.5AI Score

0.0004EPSS

2024-06-12 09:25 AM
1
githubexploit
githubexploit

Exploit for CVE-2023-11518

POC Recreating CVE 2023-36802 Procedure to Recreate the...

7.5AI Score

EPSS

2024-06-12 06:19 AM
44
githubexploit
githubexploit

Exploit for Use After Free in Microsoft

POC Recreating CVE 2023-36802 Procedure to Recreate the...

7.8CVSS

7.3AI Score

0.001EPSS

2024-06-12 06:19 AM
13
thn
thn

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month....

9.8CVSS

8.7AI Score

0.05EPSS

2024-06-12 04:26 AM
37
redhatcve
redhatcve

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...

7.1AI Score

0.0004EPSS

2024-06-12 12:27 AM
photon
photon

Important Photon OS Security Update - PHSA-2024-5.0-0291

Updates of ['glib'] packages of Photon OS have been...

9.8CVSS

8.2AI Score

0.001EPSS

2024-06-12 12:00 AM
nessus
nessus

RHEL 9 : fence-agents (RHSA-2024:3820)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3820 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

5.4CVSS

5.8AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
nessus
nessus

RHEL 8 : fence-agents (RHSA-2024:3811)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3811 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

5.4CVSS

5.8AI Score

0.0004EPSS

2024-06-12 12:00 AM
2
nessus
nessus

Oracle Linux 9 : fence-agents (ELSA-2024-3820)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3820 advisory. - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 Tenable has extracted the preceding description block directly from the Oracle Linux security...

5.4CVSS

5.4AI Score

0.0004EPSS

2024-06-12 12:00 AM
1
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1976-1)

The remote host is missing an update for...

8.8CVSS

7.5AI Score

0.001EPSS

2024-06-12 12:00 AM
ibm
ibm

Security Bulletin: Spring vulnerability in embedded components may affect IBM Business Automation Workflow - CVE-2024-22243

Summary IBM Business Automation Workflow is vulnerable to a open redirect attack. Vulnerability Details ** CVEID: CVE-2024-22243 DESCRIPTION: **VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability when using...

8.1CVSS

6.5AI Score

0.0004EPSS

2024-06-11 09:50 AM
ubuntu
ubuntu

Linux kernel (OEM) vulnerabilities

Releases Ubuntu 24.04 LTS Packages linux-oem-6.8 - Linux kernel for OEM systems Details Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this...

7.8CVSS

8.6AI Score

0.0005EPSS

2024-06-11 12:00 AM
1
photon
photon

Important Photon OS Security Update - PHSA-2024-4.0-0628

Updates of ['glib'] packages of Photon OS have been...

9.8CVSS

10AI Score

0.001EPSS

2024-06-11 12:00 AM
1
hp
hp

AMD SPI Lock Bypass June 2024 Security Update

AMD has informed HP of a potential weakness in AMD SPI protection features, which might allow arbitrary code execution. AMD is releasing firmware updates and HP is enabling AMD ROM Armor to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has...

8AI Score

EPSS

2024-06-11 12:00 AM
1
nessus
nessus

RHEL 8 : fence-agents (RHSA-2024:3795)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3795 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

5.4CVSS

7.3AI Score

0.0004EPSS

2024-06-11 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6817-2)

The remote host is missing an update for...

7.8CVSS

8.8AI Score

0.0005EPSS

2024-06-11 12:00 AM
oraclelinux
oraclelinux

fence-agents security update

[4.10.0-62.3] - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 [4.10.0-62.2] - fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer Resolves: RHEL-35273 [4.10.0-62.1] - ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in gcp-vpc-move-route's stop-action Resolves:...

5.4CVSS

7.3AI Score

0.0004EPSS

2024-06-11 12:00 AM
3
redos
redos

ROS-20240611-05

The vulnerability of the Zabbix Workstation universal monitoring system server is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow a remote attacker to execute an arbitrary code by injecting a specially crafted SQL query. arbitrary code by...

9.1CVSS

8.4AI Score

0.0004EPSS

2024-06-11 12:00 AM
1
almalinux
almalinux

Moderate: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): jinja2: accepts keys containing non-attribute characters...

5.4CVSS

7AI Score

0.0004EPSS

2024-06-11 12:00 AM
1
cvelist
cvelist

CVE-2024-22261 SQL Injection in Harbor scan log API

SQL-Injection in Harbor allows priviledge users to leak the task...

2.7CVSS

0.0004EPSS

2024-06-10 11:25 PM
2
vulnrichment
vulnrichment

CVE-2024-22244 Harbor Open Redirect URL

Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious...

4.3CVSS

6.8AI Score

0.001EPSS

2024-06-10 11:02 PM
1
cvelist
cvelist

CVE-2024-22244 Harbor Open Redirect URL

Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious...

4.3CVSS

0.001EPSS

2024-06-10 11:02 PM
3
cvelist
cvelist

CVE-2024-22279 GoRouter Denial of Service Attack

Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at...

5.9CVSS

0.0005EPSS

2024-06-10 07:47 PM
8
vulnrichment
vulnrichment

CVE-2024-22279 GoRouter Denial of Service Attack

Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at...

5.9CVSS

7AI Score

0.0005EPSS

2024-06-10 07:47 PM
osv
osv

linux-oem-6.8 vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Zheng Wang discovered that the...

7.8CVSS

8.7AI Score

0.0005EPSS

2024-06-10 07:28 PM
2
wallarmlab
wallarmlab

CVE-2024-29849: Veeam discloses Critical Vulnerability that allows attackers to bypass user authentication on its Backup Enterprise Manager web interface

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating....

9.8CVSS

10AI Score

0.0004EPSS

2024-06-10 04:52 PM
27
openvas
openvas

Ubuntu: Security Advisory (USN-6816-1)

The remote host is missing an update for...

7.8CVSS

8.7AI Score

0.0005EPSS

2024-06-10 12:00 AM
2
openvas
openvas

Ubuntu: Security Advisory (USN-6817-1)

The remote host is missing an update for...

7.8CVSS

8.7AI Score

0.0005EPSS

2024-06-10 12:00 AM
1
hp
hp

HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs...

8AI Score

0.0004EPSS

2024-06-10 12:00 AM
3
hp
hp

Intel 2024.2 IPU - BIOS May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Processors, which might allow information disclosure and/or denial of service. Intel is releasing microcode updates to mitigate the potential vulnerabilities. Intel has released updates to mitigate the potential...

4.7CVSS

6.9AI Score

0.0004EPSS

2024-06-10 12:00 AM
nessus
nessus

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...

7.8CVSS

8.9AI Score

0.0005EPSS

2024-06-10 12:00 AM
1
nessus
nessus

RHEL 7 : bind, bind-dyndb-ldap, and dhcp (RHSA-2024:3741)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3741 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....

7.5CVSS

7.4AI Score

0.05EPSS

2024-06-10 12:00 AM
veeam
veeam

How to Enable Changed Block Tracking for Guest Cluster on vSphere with Tanzu

Changed Block Tracking is a VMware feature that tracks changes in virtual disks. Veeam Kasten for Kubernetes uses this feature in vSphere with Tanzu Guest Clusters to efficiently backup Persistent...

7AI Score

2024-06-10 12:00 AM
nessus
nessus

RHEL 7 : ipa (RHSA-2024:3760)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3760 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and...

8.1CVSS

8.1AI Score

0.0004EPSS

2024-06-10 12:00 AM
osv
osv

linux-aws, linux-gcp vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Zheng Wang discovered that the...

7.8CVSS

8.8AI Score

0.0005EPSS

2024-06-07 06:49 PM
osv
osv

linux, linux-ibm, linux-lowlatency, linux-raspi vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Zheng Wang discovered that the...

7.8CVSS

8AI Score

0.0005EPSS

2024-06-07 06:18 PM
thn
thn

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects....

7.7AI Score

2024-06-07 07:48 AM
1
photon
photon

Moderate Photon OS Security Update - PHSA-2024-4.0-0625

Updates of ['libvirt'] packages of Photon OS have been...

9.8CVSS

9.6AI Score

0.001EPSS

2024-06-07 12:00 AM
photon
photon

Moderate Photon OS Security Update - PHSA-2024-5.0-0286

Updates of ['libvirt'] packages of Photon OS have been...

9.8CVSS

9.6AI Score

0.001EPSS

2024-06-07 12:00 AM
1
nessus
nessus

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...

7.8CVSS

8.9AI Score

0.0005EPSS

2024-06-07 12:00 AM
1
nessus
nessus

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...

7.8CVSS

8.7AI Score

0.0005EPSS

2024-06-07 12:00 AM
Total number of security vulnerabilities33696