Lucene search
K

6423 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.38 views

AlmaLinux 8 : tomcat (ALSA-2023:5928)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5928 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.41 views

AlmaLinux 8 : python-reportlab (ALSA-2023:5790)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:5790 advisory. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a...

9.8CVSS9.1AI score0.04452EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.58 views

AlmaLinux 8 : nodejs:16 (ALSA-2023:5850)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5850 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description block...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.60 views

AlmaLinux 8 : nodejs:18 (ALSA-2023:5869)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5869 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 A AlmaLinux Security Bulletin which addresse...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References5
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.57 views

AlmaLinux 9 : nodejs:18 (ALSA-2023:5849)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5849 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: integrity checks according to polici...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References5
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.39 views

AlmaLinux 8 : grafana (ALSA-2023:5863)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:5863 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.57 views

AlmaLinux 9 : grafana (ALSA-2023:5867)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:5867 advisory. - A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.78 views

AlmaLinux 9 : nghttp2 (ALSA-2023:5838)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5838 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.47 views

AlmaLinux 8 : dotnet6.0 (ALSA-2023:5710)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5710 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.72 views

AlmaLinux 8 : nghttp2 (ALSA-2023:5837)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5837 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References2
AlmaLinux
AlmaLinux
added 2023/10/18 12:0 a.m.34 views

Moderate: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: memory corruption issue on x8664 with AVX-512 8317121 CVE-2023-22025 OpenJDK: certificate path validation issue during client authentication...

5.3CVSS6AI score0.014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/10/18 12:0 a.m.38 views

Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 For more details about the security issues, including the...

5.3CVSS5.8AI score0.014EPSS
Exploits0References4
OSV
OSV
added 2023/10/18 12:0 a.m.44 views

ALSA-2023:5867 Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 golang: net/http, x/net/http2: rapid stream resets can cause...

7.5CVSS8.2AI score0.99999EPSS
Exploits19References6
AlmaLinux
AlmaLinux
added 2023/10/18 12:0 a.m.93 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...

7.5CVSS7.5AI score0.99999EPSS
Exploits19References6
AlmaLinux
AlmaLinux
added 2023/10/18 12:0 a.m.85 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 golang: net/http, x/net/http2: rapid stream resets can cause...

7.5CVSS7.5AI score0.99999EPSS
Exploits19References6
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.77 views

AlmaLinux 9 : curl (ALSA-2023:5763)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5763 advisory. - CVE-2023-38545 is a heap-based buffer overflow vulnerability in the SOCKS5 proxy handshake in libcurl and curl. When curl is given a hostname to pass...

9.8CVSS7.9AI score0.78483EPSS
Exploits6References3
AlmaLinux
AlmaLinux
added 2023/10/17 12:0 a.m.61 views

Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 A AlmaLinux Security Bulleti...

7.5CVSS6.9AI score0.99999EPSS
Exploits19References4
OSV
OSV
added 2023/10/17 12:0 a.m.50 views

ALSA-2023:5765 Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 A AlmaLinux Security Bulleti...

7.5CVSS8.3AI score0.99999EPSS
Exploits19References4
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.71 views

AlmaLinux 8 : nginx:1.22 (ALSA-2023:5713)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5713 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description block...

7.5CVSS7.3AI score0.99999EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.53 views

AlmaLinux 8 : dotnet7.0 (ALSA-2023:5709)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5709 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild ...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References2
Rows per page
Query Builder