SUSE SLES12 Security Update : libarchive (SUSE-SU-2024:2081-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2081-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...
7.3CVSS
7.3AI Score
0.003EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2076-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2076-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed...
7.8CVSS
7.9AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opencc (SUSE-SU-2024:2102-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2102-1 advisory. - CVE-2018-16982: Check offset bounds in BinaryDict::NewFromFile method. (bsc#1108310) Tenable has...
5.5CVSS
7AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2024:2101-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2101-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
7.1AI Score
0.0004EPSS
SUSE SLES15 Security Update : podman (SUSE-SU-2024:2090-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2090-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...
8.3CVSS
8.7AI Score
0.0004EPSS
SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2024:2080-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2080-1 advisory. - CVE-2017-9271: Fixed proxy credentials written to log files (bsc#1050625). The following non-security bugs were fixed: - clean: Do not...
3.3CVSS
7.1AI Score
0.0004EPSS
SUSE SLES15 Security Update : libarchive (SUSE-SU-2024:2082-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2082-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...
7.3CVSS
7.2AI Score
0.003EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:2096-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:2096-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_21 fixes one issue. The following security issue was fixed: - CVE-2024-26852: Fixed use-after-free...
6.9AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2092-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2092-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
7CVSS
7.7AI Score
EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2077-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2077-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed heap...
7.8CVSS
8AI Score
0.001EPSS
cmillonario.com Cross Site Scripting vulnerability OBB-3936715
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
copsonic.com Cross Site Scripting vulnerability OBB-3936713
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
supper.paris Cross Site Scripting vulnerability OBB-3936711
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
courbanize.com Cross Site Scripting vulnerability OBB-3936710
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
acappella.com.my Cross Site Scripting vulnerability OBB-3936705
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
antipest.com.my Cross Site Scripting vulnerability OBB-3936704
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
saujanavilla.com Cross Site Scripting vulnerability OBB-3936703
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bakeroni.com Cross Site Scripting vulnerability OBB-3936702
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
netallianz.com Cross Site Scripting vulnerability OBB-3936701
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
damas-suites.com Cross Site Scripting vulnerability OBB-3936700
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
docs.shinobi.video Cross Site Scripting vulnerability OBB-3936699
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
avkrealestate.com Cross Site Scripting vulnerability OBB-3936697
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
auenland-records.com Cross Site Scripting vulnerability OBB-3936696
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
archetype.co.uk Cross Site Scripting vulnerability OBB-3936694
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
news.kiwistand.com Open Redirect vulnerability OBB-3936693
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: ...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
0.0004EPSS
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...
9.8CVSS
8AI Score
0.321EPSS
CVE-2021-47598 sch_cake: do not call cake_destroy() from cake_init()
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free:...
0.0004EPSS
CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
0.0004EPSS
CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
6.8AI Score
0.0004EPSS
CVE-2021-47576 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40...
0.0004EPSS
colormemine.com Cross Site Scripting vulnerability OBB-3936685
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
coachtube.com Cross Site Scripting vulnerability OBB-3936684
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cloudbooksapp.com Cross Site Scripting vulnerability OBB-3936682
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
epm.first-global.com Cross Site Scripting vulnerability OBB-3936677
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
iltelaiopovolaro.it Cross Site Scripting vulnerability OBB-3936676
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ilgiornaleditalia.it Cross Site Scripting vulnerability OBB-3936674
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cornerstone.com Cross Site Scripting vulnerability OBB-3936673
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
contentworld.com Cross Site Scripting vulnerability OBB-3936668
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hrinfodesk.com Cross Site Scripting vulnerability OBB-3936665
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
htfine-chem.com Cross Site Scripting vulnerability OBB-3936664
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ophis.fr Cross Site Scripting vulnerability OBB-3936663
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score