Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Ruby vulnerabilities (USN-6838-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6838-1 advisory. It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked...
8.1AI Score
EPSS
Debian dla-3830 : libvpx-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3830 advisory. Debian LTS Advisory DLA-3830-1 ...
6.6AI Score
0.0004EPSS
Debian dsa-5712 : ffmpeg - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5712 advisory. Debian Security Advisory DSA-5712-1 ...
8AI Score
0.0004EPSS
Debian dsa-5713 : libndp-dbg - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5713 advisory. Debian Security Advisory DSA-5713-1 ...
8.1CVSS
7.9AI Score
0.0004EPSS
Debian dsa-5711 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5711 advisory. Debian Security Advisory DSA-5711-1 ...
7.5AI Score
0.0004EPSS
Debian dla-3828 : atril - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3828 advisory. Debian LTS Advisory DLA-3828-1 ...
9.6CVSS
9.1AI Score
0.005EPSS
Debian dla-3829 : libmilter-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3829 advisory. Debian LTS Advisory DLA-3829-1 ...
5.3CVSS
6.7AI Score
0.002EPSS
Debian dsa-5710 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5710 advisory. Debian Security Advisory DSA-5710-1 ...
8.8CVSS
9.3AI Score
0.001EPSS
Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-4 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....
8CVSS
8.2AI Score
0.0004EPSS
Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
7.2AI Score
0.001EPSS
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...
7.8CVSS
8.5AI Score
0.0005EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2019-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following...
9.8CVSS
8.4AI Score
0.005EPSS
Debian dla-3827 : libcolorcorrect5 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3827 advisory. Debian LTS Advisory DLA-3827-1 ...
6.4AI Score
EPSS
Security Bulletin: AIX is affected by information disclosure due to Python (CVE-2024-28757)
Summary Vulnerability in Python could allow a remote attacker to obtain sensitive information (CVE-2024-28757). Python is used by AIX as part of Ansible node management automation. Vulnerability Details ** CVEID: CVE-2024-28757 DESCRIPTION: **libexpat could allow a remote attacker to obtain...
6.8AI Score
0.0004EPSS
AIX is affected by information disclosure due to Python (CVE-2024-28757)
IBM SECURITY ADVISORY First Issued: Thu Jun 13 15:37:38 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/python_advisory9.asc Security Bulletin: AIX is affected by information disclosure due to Python (CVE-2024-28757)...
7.3AI Score
0.0004EPSS
Mitsubishi Electric MELSEC-Q/L Series (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-Q/L Series Vulnerabilities: Incorrect Pointer Scaling, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
9.8CVSS
10AI Score
0.0004EPSS
Mitsubishi Electric Multiple Products (Update G)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: Multiple products Vulnerability: Predictable Exact Value from Previous Values 2. RISK EVALUATION Successful exploitation of this vulnerability could be used to...
9.8CVSS
9.7AI Score
0.006EPSS
Operation Celestial Force employs mobile and desktop malware to target Indian entities
By Gi7w0rm, Asheer Malhotra and Vitor Ventura. Cisco Talos is disclosing a new malware campaign called "Operation Celestial Force" running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track...
7.2AI Score
Debian dla-3826 : cups - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3826 advisory. Debian LTS Advisory DLA-3826-1 ...
4.4CVSS
4.7AI Score
0.0004EPSS
Ubuntu 16.04 LTS / 18.04 LTS : H2 vulnerabilities (USN-6834-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6834-1 advisory. It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute...
9.8CVSS
10AI Score
0.518EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : VTE vulnerability (USN-6833-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6833-1 advisory. Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly...
7.5AI Score
0.0004EPSS
The vulnerability in the RelinquishDCMInfo() function of the dcm.c component of the ImageMagick console graphics editor is a use of memory after it has been freed (use-after-free). Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, as well as cause a denial....
7.1CVSS
7.3AI Score
0.001EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6832-1 advisory. Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted...
7.5CVSS
8.1AI Score
0.001EPSS
Debian dla-3825 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3825 advisory. Debian LTS Advisory DLA-3825-1 ...
7.6AI Score
0.0004EPSS
7.4AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2008-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...
9.8CVSS
8.8AI Score
EPSS
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.11.1-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. ...
7.3AI Score
0.0004EPSS
Debian dsa-5709 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5709 advisory. Debian Security Advisory DSA-5709-1 ...
7.2AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : libndp vulnerability (USN-6830-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6830-1 advisory. It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could...
8.1CVSS
8AI Score
0.0004EPSS
Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2024-164-01)
The version of mozilla-thunderbird installed on the remote host is prior to 115.11.1 / 127.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-164-01 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security...
7.6AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6819-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
7.4AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS : matio vulnerability (USN-6829-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6829-1 advisory. It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. ...
5.5CVSS
5.7AI Score
0.001EPSS
4.4CVSS
7.5AI Score
0.0004EPSS
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6831-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6831-1 advisory. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A...
7.8CVSS
7.8AI Score
0.0005EPSS
New cups packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.9-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: When starting the cupsd server with a...
4.4CVSS
7.3AI Score
0.0004EPSS
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.12.0esr-i686-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For...
7AI Score
0.0004EPSS
Update 22.13 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 1 (Application Build 22.13.64344, Platform Build 22.0.64336) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For.....
8.8CVSS
8.8AI Score
0.001EPSS
Update 24.1 for Microsoft Dynamics 365 Business Central (on-premises) 2024 Release Wave 1 (Application Build 24.1.19498, Platform Build 24.0.19487) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For...
8.8CVSS
8.9AI Score
0.001EPSS
Azure File Sync Agent v17.3 Release - June 2024 (Security-only update)
Azure File Sync Agent v17.3 Release - June 2024 (Security-only update) This article describes the improvements and issues that are fixed in the Azure File Sync Agent v17.3 release that is dated June 2024. Additionally, this article contains installation instructions for this release. Improvements.....
4.4CVSS
6.7AI Score
0.0005EPSS
Azure File Sync Agent v18.1 Release - June 2024 (Security-only update)
Azure File Sync Agent v18.1 Release - June 2024 (Security-only update) This article describes the improvements and issues that are fixed in the Azure File Sync Agent v18.1 release that is dated June 2024. Additionally, this article contains installation instructions for this release. Improvements.....
4.4CVSS
6.7AI Score
0.0005EPSS
Update 23.7 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 2 (Application Build 23.7.18957, Platform Build 23.0.18933) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For...
8.8CVSS
8.8AI Score
0.001EPSS
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2024-163-01)
The version of mozilla-firefox installed on the remote host is prior to 115.12.0esr / 127.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-163-01 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. ...
6.8AI Score
0.0004EPSS
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
7.8CVSS
8.1AI Score
0.001EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : mod_jk vulnerability (USN-6826-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6826-1 advisory. Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not...
7.5CVSS
7.2AI Score
0.001EPSS
Debian dsa-5707 : libvlc-bin - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5707 advisory. Debian Security Advisory DSA-5707-1 ...
7.3AI Score
Slackware Linux 15.0 / current cups Vulnerability (SSA:2024-163-02)
The version of cups installed on the remote host is prior to 2.4.9. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-163-02 advisory. New cups packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding description.....
4.4CVSS
4.8AI Score
0.0004EPSS
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6827-1 advisory. It was discovered that LibTIFF incorrectly handled memory when performing certain cropping...
5.5CVSS
8.6AI Score
0.0004EPSS
Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6820-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6820-2 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....
8CVSS
10AI Score
0.0004EPSS
Debian dsa-5708 : cyrus-admin - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5708 advisory. Debian Security Advisory DSA-5708-1 ...
6.5CVSS
6.7AI Score
0.0005EPSS