Lucene search
K

23 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/16 9:17 a.m.14 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to improper verification of cryptographic signature due to elliptic ( CVE-2024-48949 )

Summary Potential vulnerabilities in elliptic module CVE-2024-48949 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-48949 DESCRIPTION: The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits...

9.1CVSS6.8AI score0.00507EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2024-362915851c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.2AI score0.01357EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-48949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits sig.S.gtesig.eddsa.curve.n || sig.S.isNeg validation...

9.1CVSS7.1AI score0.00507EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.20 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboards that use COS S3 storage are vulnerable to denial of service and security restrictions bypass [CVE-2024-48948] [CVE-2024-48949]

Summary Node.js module elliptic is used by IBM App Connect Enterprise Certified Container for signature validation. IBM App Connect Enterprise Certified Container Dashboard operands that use COS S3 storage are vulnerable to denial of service and security restrictions bypass. This bulletin provide...

9.1CVSS6.5AI score0.00556EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/25 7:44 p.m.35 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.17.0 release

Red Hat OpenShift Dev Spaces 3.17 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. This includes fixes to Critical CVE-2024-21534. Following the Red Hat Product Security standards this update is rated as having a security impact of...

10CVSS7.1AI score0.09076EPSS
Exploits7References10
RedHat Linux
RedHat Linux
added 2024/11/21 11:23 p.m.30 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.8 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.8.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS6.9AI score0.00617EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2024/11/21 9:5 p.m.25 views

Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.8 bug fixes and container updates

Multicluster Engine for Kubernetes 2.3.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.1CVSS6.9AI score0.00617EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.11 views

Fedora 41 : yarnpkg (2024-362915851c)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-362915851c advisory. Update bundled ws CVE-2024-37890 ---- Update bundled elliptic to fix CVE-2024-48949. Tenable has extracted the preceding description block directly...

9.1CVSS7AI score0.01357EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/06 8:13 p.m.24 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.12.0 security and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.12.0 GA release images are now available, which contain security and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

9.1CVSS7AI score0.01956EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.15 views

SUSE SLED15: pgadmin4 / pgadmin4-cloud / pgadmin4-desktop / pgadmin4-doc / etc (SUSE-SU-2024:3771-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3771-1 advisory. - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed...

10CVSS7AI score0.09685EPSS
Exploits9References29
OpenVAS
OpenVAS
added 2024/10/30 12:0 a.m.31 views

openSUSE Security Advisory (SUSE-SU-2024:3771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.09685EPSS
Exploits9References13
OSV
OSV
added 2024/10/29 12:55 p.m.33 views

SUSE-SU-2024:3771-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 - CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configur...

10CVSS6.5AI score0.09685EPSS
Exploits9References21
Tenable Nessus
Tenable Nessus
added 2024/10/29 12:0 a.m.8 views

RHEL 8 : grafana (RHSA-2024:8507)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8507 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: elliptic: Missing...

9.1CVSS7.4AI score0.00507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/10/28 9:28 p.m.24 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.5 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS6.9AI score0.00617EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/10/24 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-66b0bdad35)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.4AI score0.01357EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: reaper (CVE-2024-48949)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-48949 advisory. - The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits...

9.1CVSS7.3AI score0.00507EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2024/10/16 12:0 a.m.5 views

python310-pytest-html-4.1.1-2.1 on GA media (moderate)

python310-pytest-html-4.1.1-2.1 on GA media Announcement ID: openSUSE-SU-2024:14403-1 Rating: moderate Cross-References: CVE-2024-48949 CVSS scores: CVE-2024-48949 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVE-2024-48949 SUSE : 8.8...

8.8CVSS9.5AI score0.00507EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/10/15 11:32 p.m.29 views

CVE-2024-48949 affecting package reaper for versions less than 3.1.1-13

CVE-2024-48949 affecting package reaper for versions less than 3.1.1-13. A patched version of the package is available...

9.1CVSS9.3AI score0.00507EPSS
Exploits0
Circl
Circl
added 2024/10/10 4:12 a.m.6 views

CVE-2024-48949

creationtimestamp| type| source ---|---|--- 2024-10-10 04:12:14+00:00| seen| https://t.me/cvedetector/7540...

9.1CVSS5.3AI score0.00507EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/10/10 3:30 a.m.10 views

0x-relayer-cat (>=0.0.2 <=0.0.10), 0xauth (>=0.0.2 <=0.0.6) +8838 more potentially affected by CVE-2024-48949 via elliptic (>=0.10.2 <=6.5.5)

elliptic NPM version =0.10.2, =0.0.2, =0.0.2, =1.0.6, =0.0.1-beta.1, =1.0.0, =0.1.0, =0.0.92, =0.1.3, =4.2.1, =6.2.1, =6.2.4 and more Source cves: CVE-2024-48949 Source advisory: OSV:GHSA-434G-2637-QMQR...

9.1CVSS7AI score0.00507EPSS
Exploits0
Rows per page
Query Builder