GLSA-202412-13 : Spidermonkey: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202412-13 Spidermonkey: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Spidermonkey. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block...

Django 4.x < 4.2.17, 5.0.x < 5.0.10, 5.1.x < 5.1.4 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

PT-2025-3662 · Linux · Linux Kernel

The vulnerable software is the Linux kernel. The issue arose from a regression in the kernel's memory management subsystem, specifically in the handling of write-sealed memfd mappings. The problem was introduced by a commit that moved a check for mapping writability before the shmem mmap hook was...

[SECURITY] [DSA 5818-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5818-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 24, 2024 https://www.debian.org/security/faq -...

Photon OS 3.0: Linux PHSA-2024-3.0-0804

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0804. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

UBUNTU-CVE-2024-53071

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthordevicemmapio implementation has two issues: 1. For mapping DRMPANTHORUSERFLUSHIDMMIOOFFSET, panthordevicemmapio bails if VMWRITE is set, but does not clear...

Oracle Linux 9 : post (ELSA-2024-9243)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9243 advisory. 2:3.5.25-1 - New version Resolves: RHEL-20023 - Dropped upstreamed patches Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : binutils (ELSA-2024-9689)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9689 advisory. 2.30-125.0.1 - Forward port Oracle patches from 2.30-125 Reviewed-by: Jose E. Marchesi Oracle history: Tenable has extracted the preceding description block...

GLSA-202411-08 : X.Org X server, XWayland: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202411-08 X.Org X server, XWayland: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in X.Org X server and XWayland. Please review the CVE identifiers referenced below for details. Tenable has extracted the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2024:3959-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3959-1 advisory. - CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug...

Photon OS 5.0: Curl PHSA-2024-5.0-0392

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0392. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

GLSA-202411-04 : EditorConfig core C library: arbitrary stack write

The remote host is affected by the vulnerability described in GLSA-202411-04 EditorConfig core C library: arbitrary stack write A vulnerability has been discovered in EditorConfig Core C library. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding...

RHEL 8 : samba (RHSA-2020:3119)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3119 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

CBL Mariner 2.0 Security Update: qt5-qtbase (CVE-2022-25255)

The version of qt5-qtbase installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25255 advisory. - In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute ...

SUSE CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

DEBIAN-CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the mm component not performing LSM security checks in the remapfilepages system call...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a bpf, lsm subsystem BPF LSM return value checking issue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drm/amd/display module not performing a null check before checking linkres-hpodplinkenc...

Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...