Lucene search
K

11155 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 8 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: use-after-free in pastetokens in asm/preproc.c CVE-2019-8343 - NASM nasm-2.13.03 nasm- 2.14rc15...

7.6AI score0.05166EPSS
Exploits18References17
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.13 views

RHEL 6 : byacc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free CVE-2021-33641 - When a file ...

7.4AI score0.0027EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.9 views

RHEL 8 : rubygem-asciidoctor (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-asciidoctor: Infinite loop in the nextblock method CVE-2018-18385 Note that Nessus has not tested for this...

7.3AI score0.0225EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.18 views

RHEL 6 : libxpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXpm: Out-of-bounds write in XPM extension parsing CVE-2016-10164 - A flaw was found in libXpm. When...

7.4AI score0.07528EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.13 views

RHEL 6 : rubygems (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rubygems: Improper verification of signatures in tarball allows to install mis-signed gem CVE-2018-100007...

8AI score0.29442EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 5 : quagga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: VPNv4 NLRI parser memcpys to stack on unchecked length CVE-2016-2342 - quagga: Double free...

8.9AI score0.39045EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.26 views

RHEL 6 : cairo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: libreoffice slideshow aborts with stack smashing in cairo's compositeboxes CVE-2020-35492 - Intege...

7.5AI score0.03463EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.14 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.22 (SUSE-SU-2024:1587-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1587-1 advisory. Update to go1.22.3: - CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin...

6.4CVSS7.5AI score0.01001EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.39 views

RHEL 7 : golang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: arbitrary command execution via VCS path CVE-2018-7187 - golang: Command-line arguments may...

10AI score0.63229EPSS
Exploits13References37
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.41 views

RHEL 6 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: free operation on an uninitialized memory address in wiretap/netmon.c CVE-2018-6836 - The...

9.3AI score0.16786EPSS
Exploits38References159
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 5 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: free operation on an uninitialized memory address in wiretap/netmon.c CVE-2018-6836 - The...

8.3AI score0.0771EPSS
Exploits13References77
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.54 views

RHEL 6 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ncurses: Stack-based buffer overflow caused by format string vulnerability in fmtentry function...

9.4AI score0.04257EPSS
Exploits20References25
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.40 views

RHEL 7 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: stack exhaustion in QPDFObjectHandle and QPDFDictionary classes in libqpdf.a CVE-2018-9918 - A...

7.8AI score0.01804EPSS
Exploits7References16
OSV
OSV
added 2024/05/10 2:32 p.m.33 views

RLSA-2024:2549 Moderate: skopeo security and bug fix update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms...

7.5CVSS7AI score0.01956EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.38 views

buildah bug fix update

An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...

7.5CVSS7.3AI score0.01262EPSS
Exploits0
OSV
OSV
added 2024/05/10 2:32 p.m.23 views

RLSA-2024:2264 Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...

8.8CVSS7.4AI score0.05533EPSS
Exploits1References9
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.38 views

edk2 security update

An update is available for edk2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...

8.8CVSS7.4AI score0.05533EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/05/09 12:0 a.m.24 views

CVE-2024-30172

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...

6.5AI score0.00753EPSS
Exploits0References2
CVE
CVE
added 2024/05/09 12:0 a.m.3222 views

CVE-2024-30172

CVE-2024-30172 refers to a vulnerability in Bouncy Castle Java Cryptography APIs prior to 1.78 where an Ed25519 verification path can enter an infinite loop when processing a crafted signature and public key. The connected IBM security bulletin confirms the same CVE-ID and recommends upgrading to...

7.5CVSS6.6AI score0.00753EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/08 8:47 p.m.23 views

Security Bulletin: TPF Toolkit is affected by vulnerabilities in the Eclipse IDE and Apache Commons Compress

Summary The org.eclipse.core.runtime component is used by TPF Toolkit as part of the basic platform infrastructure CVE-2023-4218. Additionally, the Apache commons-compress package is used by TPF Toolkit web applications services as part of the code coverage feature CVE-2024-26308, CVE-2024-25710...

8.1CVSS7.1AI score0.00898EPSS
Exploits1Affected Software1
Rows per page
Query Builder