7.5AI Score
7.8CVSS
7.9AI Score
0.0005EPSS
5.9CVSS
7.2AI Score
0.002EPSS
6.7CVSS
7.1AI Score
0.0004EPSS
9.8CVSS
7.2AI Score
0.001EPSS
8.1CVSS
7.4AI Score
0.001EPSS
8.1CVSS
7.1AI Score
0.001EPSS
9CVSS
7.4AI Score
0.087EPSS
5.3CVSS
7.1AI Score
0.002EPSS
7.8CVSS
7.1AI Score
0.001EPSS
6.7AI Score
EPSS
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the...
6.5CVSS
6.6AI Score
0.0004EPSS
Debian dla-3854 : tryton-client - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3854 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3854-1 [email protected] ...
7AI Score
adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary...
8.2AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0712)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0712 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0713)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0713 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0710)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0710 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an...
6.5CVSS
7.5AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0704)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0704 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially...
8.8CVSS
7.8AI Score
EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0703)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0703 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and...
8CVSS
7.8AI Score
EPSS
K000140222: OpenSSH server vulnerability CVE-2024-6387
Security Advisory Description A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler...
8.1CVSS
6.7AI Score
EPSS
7.4AI Score
Debian dsa-5724 : openssh-client - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5724 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5724-1 [email protected] ...
8.1CVSS
8.3AI Score
EPSS
Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Packages openssh - secure shell (SSH) for secure access to remote machines Details It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access...
8.1CVSS
8.5AI Score
EPSS
7.1AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1852)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
6.7AI Score
EPSS
7.8CVSS
8.9AI Score
EPSS
6.5CVSS
7.1AI Score
0.0005EPSS
7.1AI Score
0.0004EPSS
7AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
8.1CVSS
6.8AI Score
0.002EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1866)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
7.1AI Score
0.0005EPSS
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element. NOTE: the supplier disputes this CVE Record on the grounds that they are implementing the specification "correctly".....
7.1AI Score
0.0004EPSS
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0714)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0714 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
6.2AI Score
EPSS
Android Automotive OS Update Bulletin—July 2024
The Android Automotive OS (AAOS) Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2024-07-05 or later from the July 2024 Android Security Bulletin in addition to all issues in this.....
8.1AI Score
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0715)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0715 advisory. In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and...
5.4CVSS
7AI Score
EPSS
7.1AI Score
0.0004EPSS
Important Photon OS Security Update - PHSA-2024-4.0-0642
Updates of ['openssh'] packages of Photon OS have been...
9.8CVSS
10AI Score
EPSS
[ASA-202407-1] openssh: authentication bypass
Arch Linux Security Advisory ASA-202407-1 Severity: High Date : 2024-07-01 CVE-ID : CVE-2024-6387 Package : openssh Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-2855 Summary The package openssh before version 9.8p1-1 is vulnerable to authentication...
8.1CVSS
8.1AI Score
EPSS
7.2AI Score
0.0004EPSS
7AI Score
0.0004EPSS
7AI Score
0.0004EPSS
RHEL 8 : pki-core (RHSA-2024:4179)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4179 advisory. The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): * dogtag ca:...
7.5CVSS
7.6AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
9.8CVSS
7.1AI Score
0.001EPSS
6.7AI Score
0.0004EPSS