Delta Electronics Wplsoft, Ispsoft, And Pmsoft Security Vulnerabilities
SDL_ttf: Arbitrary Memory Write
Background SDL_ttf is a wrapper around the FreeType and Harfbuzz libraries, allowing you to use TrueType fonts to render text in SDL applications. Description A vulnerability has been discovered in SDL_ttf. Please review the CVE identifier referenced below for details. Impact SDL_ttf was...
7.8CVSS
7.4AI Score
0.001EPSS
4.4CVSS
7.1AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
5.3CVSS
7.1AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI...
5.5CVSS
6.4AI Score
0.0004EPSS
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...
7.5CVSS
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but only waiting_list and done_list are initialized. notifier_entry was kept 'zeroed' leading to an uninitialized list_head.....
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when multiple napi instances redirect to the same...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to...
6.9AI Score
0.0004EPSS
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any...
6.5CVSS
6.5AI Score
0.001EPSS
7.5AI Score
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1861)
The remote host is missing an update for the Huawei...
7.8CVSS
7.9AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1856)
The remote host is missing an update for the Huawei...
7.4AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1858)
The remote host is missing an update for the Huawei...
7CVSS
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1872)
The remote host is missing an update for the Huawei...
7CVSS
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1859)
The remote host is missing an update for the Huawei...
8CVSS
8.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1867)
The remote host is missing an update for the Huawei...
6.3CVSS
6.5AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
Welotec Industrial Routers Improper Access Control (CVE-2023-1083)
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
9.8CVSS
7.7AI Score
0.001EPSS
GLSA-202407-08 : GNU Emacs, Org Mode: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202407-08 (GNU Emacs, Org Mode: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding...
9.8CVSS
7.7AI Score
0.002EPSS
RHEL 8 : libreswan (RHSA-2024:4200)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4200 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
7.1AI Score
0.0004EPSS
Debian dla-3852 : ovmf - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3852 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3852-1 [email protected] ...
6.7CVSS
6.6AI Score
0.0004EPSS
OpenSSH: Remote Code Execution
Background OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality. Description A vulnerability has been discovered in OpenSSH. Please review the CVE identifier referenced...
8.1CVSS
8AI Score
EPSS
The version of OpenSSH installed on the remote host is prior to 9.8. It is, therefore, affected by a vulnerability as referenced in the release-9.8 advisory. This release contains fixes for two security problems, one critical and one minor. 1) Race condition in sshd(8) A critical...
8AI Score
GLSA-202407-04 : Pixman: Heap Buffer Overflow
The remote host is affected by the vulnerability described in GLSA-202407-04 (Pixman: Heap Buffer Overflow) A vulnerability has been discovered in Pixman. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...
8.8CVSS
7.4AI Score
0.003EPSS
GLSA-202407-05 : SSSD: Command Injection
The remote host is affected by the vulnerability described in GLSA-202407-05 (SSSD: Command Injection) A vulnerability has been discovered in SSSD. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo...
8.8CVSS
7.6AI Score
0.001EPSS
A NumPy Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version...
7.4AI Score
7.4AI Score
7.4AI Score
7.5AI Score
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1853)
The remote host is missing an update for the Huawei...
6.3CVSS
6.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1855)
The remote host is missing an update for the Huawei...
5.3CVSS
5.6AI Score
0.0005EPSS
7AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
8.1CVSS
8.2AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
7.5CVSS
7.2AI Score
0.003EPSS
7.1AI Score
0.0004EPSS
8.8CVSS
7.1AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1876)
The remote host is missing an update for the Huawei...
6.5CVSS
6.9AI Score
0.003EPSS
7.5AI Score
7.8CVSS
7.9AI Score
0.0005EPSS
5.9CVSS
7.2AI Score
0.002EPSS
6.7CVSS
7.1AI Score
0.0004EPSS
9.8CVSS
7.2AI Score
0.001EPSS
8.1CVSS
7.4AI Score
0.001EPSS
8.1CVSS
7.1AI Score
0.001EPSS