Lucene search
K

9382 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.12 views

Amazon Linux 2 : gnome-shell (ALAS-2024-2714)

The version of gnome-shell installed on the remote host is prior to 3.28.3-34. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2714 advisory. In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network respons...

6.5CVSS6.7AI score0.00299EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.33 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-074)

The version of kernel installed on the remote host is prior to 5.10.230-223.885. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-074 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have...

7.8CVSS6.7AI score0.00333EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.13 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-075)

The version of kernel installed on the remote host is prior to 5.10.214-202.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-075 advisory. 2025-01-21: CVE-2024-26878 was added to this advisory. 2025-01-21: CVE-2024-27388 was added to this...

9.8CVSS6.8AI score0.00829EPSS
Exploits0References54
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.13 views

Amazon Linux 2 : python38-pip (ALASPYTHON3.8-2024-017)

The version of python38-pip installed on the remote host is prior to 21.0.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2024-017 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is...

5.6CVSS6.5AI score0.0034EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.12 views

Amazon Linux 2 : avahi (ALAS-2024-2704)

The version of avahi installed on the remote host is prior to 0.6.31-20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2704 advisory. avahi: Avahi Wide-Area DNS Uses Constant Source Port CVE-2024-52615 avahi: Avahi Wide-Area DNS Predictable Transaction IDs...

5.3CVSS6.8AI score0.00681EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.15 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-089)

The version of kernel installed on the remote host is prior to 5.4.272-185.370. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-089 advisory. 2025-01-21: CVE-2024-26851 was added to this advisory. 2025-01-21: CVE-2024-27024 was added to this...

7.8CVSS6.5AI score0.00312EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.17 views

Amazon Linux 2 : dovecot (ALAS-2024-2719)

The version of dovecot installed on the remote host is prior to 2.2.36-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2719 advisory. Dovecot reports: A DoS is possible with a large number of address headers or abnormally large email headers. CVE-2024-23185 Tenabl...

7.5CVSS7AI score0.01284EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.21 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-057)

The version of kernel installed on the remote host is prior to 5.15.153-100.162. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-057 advisory. 2025-01-21: CVE-2024-27025 was added to this advisory. 2025-01-21: CVE-2024-26901 was added to this...

9.8CVSS6.5AI score0.00829EPSS
Exploits0References50
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.7 views

Amazon Linux 2 : glibc (ALAS-2024-2718)

The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2718 advisory. glibc: null pointer dereferences after failed netgroup cache insertion CVE-2024-33600 Tenable has extracted the preceding description...

5.9CVSS6.7AI score0.01216EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.21 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2024-076 (ALASKERNEL-5.10-2024-076)

The version of kernel installed on the remote host is prior to 5.10.213-201.855. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-076 advisory. A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the...

8CVSS6.9AI score0.00992EPSS
Exploits2References83
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.20 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2024-058 (ALASKERNEL-5.15-2024-058)

The version of kernel installed on the remote host is prior to 5.15.152-100.162. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-058 advisory. A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the...

8CVSS7.1AI score0.00992EPSS
Exploits2References106
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.25 views

Amazon Linux 2 : expat (ALAS-2024-2710)

The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2710 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490...

9.8CVSS6.9AI score0.01686EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.12 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-088)

The version of kernel installed on the remote host is prior to 5.4.286-201.385. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-088 advisory. In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release...

9.1CVSS6.7AI score0.01367EPSS
Exploits1References10
Amazon
Amazon
added 2024/12/19 12:0 a.m.3 views

Medium: python38-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6CVSS6.9AI score0.0034EPSS
Exploits0
Amazon
Amazon
added 2024/12/19 12:0 a.m.6 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs CVE-2023-52913 In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets CVE-2024-26718 In the Linux kernel, the following...

7.8CVSS7.1AI score0.00333EPSS
Exploits0
Amazon
Amazon
added 2024/12/19 12:0 a.m.2 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: iouring: fix possible deadlock in ioregisteriowqmaxworkers...

7.8CVSS7.1AI score0.00333EPSS
Exploits0
Amazon
Amazon
added 2024/12/19 12:0 a.m.16 views

Medium: python-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6CVSS6.2AI score0.0034EPSS
Exploits0
Amazon
Amazon
added 2024/12/19 12:0 a.m.15 views

Medium: zziplib

Issue Overview: A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134 Affected Packages: zziplib Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit th...

7.5CVSS6.3AI score0.00604EPSS
Exploits1
Amazon
Amazon
added 2024/12/19 12:0 a.m.7 views

Medium: NetworkManager-libreswan

Issue Overview: A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special...

7.8CVSS8AI score0.00452EPSS
Exploits0
Amazon
Amazon
added 2024/12/19 12:0 a.m.11 views

Medium: vim

Issue Overview: Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tboff positi...

4.5CVSS5.5AI score0.00296EPSS
Exploits0
Rows per page
Query Builder