Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6828-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6828-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...
8CVSS
8.9AI Score
EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6821-3)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-3 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free...
8CVSS
8.6AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : MySQL vulnerabilities (USN-6823-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6823-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these...
5.3CVSS
5.6AI Score
0.001EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : GIFLIB vulnerabilities (USN-6824-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6824-1 advisory. It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this ...
8.8CVSS
7.8AI Score
0.004EPSS
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...
7.8CVSS
8.9AI Score
0.0005EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6821-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-2 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free...
8CVSS
8.1AI Score
0.0004EPSS
Ubuntu 22.04 LTS / 23.10 : Node.js vulnerabilities (USN-6822-1)
The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6822-1 advisory. It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were...
9.8CVSS
8.9AI Score
0.001EPSS
Ubuntu 23.10 : Linux kernel (ARM laptop) vulnerabilities (USN-6818-2)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
7.8CVSS
7.5AI Score
0.001EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ADOdb vulnerabilities (USN-6825-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6825-1 advisory. It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could...
9.1CVSS
7.4AI Score
0.006EPSS
CVE-2024-4956 POC - CVE-2024–4956 - Nexus Repository Manager...
7.5CVSS
6.8AI Score
0.013EPSS
Check Point Security Gateways Information Disclosure -...
8.6CVSS
8.6AI Score
0.945EPSS
Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024
Telerik Report Server Authentication Bypass - CVE-2024-4358...
9.8CVSS
9.9AI Score
0.938EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment...
10CVSS
10AI Score
0.976EPSS
9.8CVSS
10AI Score
0.967EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6820-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6820-1 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free...
8CVSS
8.6AI Score
0.0004EPSS
9.8CVSS
8.1AI Score
0.973EPSS
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6821-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-1 advisory. It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability....
8CVSS
8.8AI Score
0.0004EPSS
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...
7.8CVSS
8.9AI Score
0.0005EPSS
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6819-1)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-1 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
8.7AI Score
0.001EPSS
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer...
7.8CVSS
8.7AI Score
0.0005EPSS
Fedora: Security Advisory for rust-uu_vdir (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for...
7.5AI Score
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6818-1)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-1 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
8.4AI Score
0.001EPSS
New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.29-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Bypass of CVE-2012-1823, Argument Injection in...
9.8CVSS
7.7AI Score
0.973EPSS
CVE-2024-28995 SolarWinds Serv-U L Directory Transversal Vulnerability
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host...
8.6CVSS
6.6AI Score
0.343EPSS
CVE-2024-28995 SolarWinds Serv-U L Directory Transversal Vulnerability
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host...
8.6CVSS
8.4AI Score
0.343EPSS
Slackware Linux 15.0 / current php81 Multiple Vulnerabilities (SSA:2024-158-01)
The version of php81 installed on the remote host is prior to 8.1.29 / 8.3.8. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-158-01 advisory. New php packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
9.8CVSS
8.8AI Score
0.973EPSS
Ubuntu 24.04 LTS : AOM vulnerability (USN-6815-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6815-1 advisory. Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote...
8AI Score
0.0004EPSS
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6810-1 advisory. It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with ...
3.7CVSS
5.6AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...
8.8CVSS
7.8AI Score
0.002EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 17 vulnerabilities (USN-6812-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6812-1 advisory. It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially...
3.7CVSS
5.7AI Score
0.001EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 11 vulnerabilities (USN-6811-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6811-1 advisory. It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially...
3.7CVSS
5.7AI Score
0.001EPSS
8CVSS
8.1AI Score
EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 21 vulnerabilities (USN-6813-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6813-1 advisory. It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long...
3.7CVSS
5.7AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : libvpx vulnerability (USN-6814-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6814-1 advisory. Xiantong Hou discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx...
8AI Score
0.0004EPSS
[slackware-security] Slackware 15.0 kernel
New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.160/*: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel...
8CVSS
7.9AI Score
EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND
Summary UPDATED: (Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable) Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details **...
7.5CVSS
8.1AI Score
0.05EPSS
github.com/huandu/facebook may expose access_token in error message.
github.com/huandu/facebook may expose access_token in error...
3.7CVSS
4.2AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: qt5-qtscxml-5.15.14-1.fc40
The Qt SCXML module provides functionality to create state machines from SCXM L files. This includes both dynamically creating state machines loading the SCXML file and instantiating states and transitions) and generating a C++ file that has a class implementing the state machine. It also...
6.6AI Score
0.0004EPSS
Debian dsa-5704 : python-pil-doc - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5704 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5704-1 [email protected] ...
8.1CVSS
8.6AI Score
0.001EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : Atril vulnerability (USN-6808-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6808-1 advisory. It was discovered that Atril was vulnerable to a path traversal attack. An attacker could possibly use this...
8.5CVSS
7AI Score
0.005EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : BlueZ vulnerabilities (USN-6809-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6809-1 advisory. It was discovered that BlueZ could be made to dereference invalid memory. An attacker could possibly use this...
5.7CVSS
10AI Score
0.001EPSS
Ubuntu 20.04 LTS : FRR vulnerabilities (USN-6807-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6807-1 advisory. It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash,...
9.8CVSS
8.1AI Score
0.029EPSS
Debian dsa-5706 : libarchive-dev - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5706 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5706-1 [email protected] ...
7.8CVSS
7.7AI Score
0.001EPSS
Ubuntu 24.04 LTS : unixODBC vulnerability (USN-6715-2)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6715-2 advisory. USN-6715-1 fixed a vulnerability in unixODBC. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: It was discovered...
7.1CVSS
8AI Score
0.0004EPSS
Debian dsa-5705 : tinyproxy - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5705 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5705-1 [email protected] ...
9.8CVSS
7AI Score
0.001EPSS
Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2024-157-01)
The version of kernel-generic installed on the remote host is prior to 5.15.160 / 5.15.160_smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-157-01 advisory. New kernel packages are available for Slackware 15.0 to fix security issues. Tenable has extracted...
8CVSS
9.8AI Score
EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6806-1 advisory. Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain ...
7.8CVSS
7.7AI Score
0.001EPSS
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2024-25062). AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details ** CVEID: CVE-2024-25062 DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a...
7.5CVSS
7.4AI Score
0.0005EPSS