101 matches found
MiracleLinux 9 : 389-ds-base-2.4.5-9.el9_4 (AXSA:2024-8654:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8654:07 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953); 389-ds-base: unauthenticated user can trigger a DoS by sending a...
CVE-2025-6237
A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/bulkdownloaditemname endpoint. By manipulating the filename arguments, attackers can read and delete any files on the server, including...
CVE-2025-6237
creationtimestamp | type | source
---|---|---
2025-09-18 11:12:28+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lz47qvj5bz2j
2025-09-19 09:02:10+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lz6iwsdnx32q

...
Fedora: Security Advisory (FEDORA-2024-9cc95d56ce)
The remote host is missing an update for the...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v4.8.7 is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability...
RockyLinux 9 : edk2 (RLSA-2024:9088)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9088 advisory. mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129); openssl: Excessive time spent checking invalid RSA public...
RLSA-2024:9088 Moderate: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129); openssl: Excessive time spent...
Linux Distros Unpatched Vulnerability : CVE-2024-6237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended sear...
Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl (CVE-2023-6237)
The version of cloud-hypervisor-cvm / hvloader / nodejs / nodejs18 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6237 advisory. - Issue summary: Checking excessively long invalid RSA...
CVE-2023-6237 affecting package hvloader for versions less than 1.0.1-6
CVE-2023-6237 affecting package hvloader for versions less than 1.0.1-6. An upgraded version of the package is available that resolves this issue...
Fedora 41 : edk2 (2024-9cc95d56ce)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9cc95d56ce advisory. Security fix for CVE-2023-6237, openssl: Excessive time spent checking invalid RSA public keys. Tenable has extracted the preceding description block...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129); openssl: Excessive time spent...
ALSA-2024:9088 Moderate: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129); openssl: Excessive time spent...
RHEL 9 : edk2 (RHSA-2024:9088)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9088 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
RHEL 9 : redhat-ds:12 (RHSA-2024:4997)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4997 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...
Fedora: Security Advisory (FEDORA-2024-45df72afc6)
The remote host is missing an update for the...
Fedora 40 : edk2 (2024-45df72afc6)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-45df72afc6 advisory. Security fix for CVE-2023-6237, openssl: Excessive time spent checking invalid RSA public keys. Tenable has extracted the preceding description block directly...
CGA-6237-G3CC-R4HF
Bulletin has no description...
Rocky Linux 9 : 389-ds-base (RLSA-2024:5192)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5192 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953); 389-ds-base: unauthenticated user can trigger a DoS by sending a...