Lucene search
K

199 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Google Chrome < 134.0.6998.35 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 134.0.6998.35. It is, therefore, affected by multiple vulnerabilities as referenced in the 202503stable-channel-update-for-desktop advisory. - Use after free in Profiles. CVE-2025-1916 - Out of bounds read in V8...

8.8CVSS6.8AI score0.00415EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-27031

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside...

5.5CVSS5.9AI score0.002EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-47385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: w83792d Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for val & 0x08 && !val & 0x80 && val & 0...

5.5CVSS6.7AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-38606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables...

7.1CVSS6.1AI score0.00217EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-47597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c...

9.1CVSS6.3AI score0.01139EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-12985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6print. CVE-2017-12985 Note that Nessus relies on the presence of the package as...

9.8CVSS7AI score0.03463EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-20838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to...

7.5CVSS7AI score0.0277EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2016-9797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In BlueZ 5.42, a buffer over-read was observed in l2capdump function in tools/parser/l2cap.c source file. This issue can be triggered by processing a corrupted...

5.3CVSS6.6AI score0.03723EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.5 views

PT-2025-9098 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash involves the chunk obj alloc and pdfi read cff dict functions. Recommendations: At the moment, there is no information about a newer...

6.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.6 views

PT-2025-9099 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash state involves functions such as insert free, chunk obj alloc, and pdfi object alloc. Recommendations: At the moment, there is no...

6.8AI score
Exploits0References2
OSV
OSV
added 2025/02/26 8:14 a.m.16 views

AZL-57428 CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

7.5CVSS6.6AI score0.00868EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 7:0 a.m.8 views

CVE-2022-49107

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephreaddir when notelastdentry returns error Reset the lastreaddir at the same time, and add a comment explaining why we don't free lastreaddir when diremit returns false...

5.5CVSS0.00234EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-39487)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39487 advisory. - In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in...

7.1CVSS5.9AI score0.0024EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/21 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2025-1124)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.6AI score0.01863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.23 views

Amazon Linux 2 : exiv2 (ALAS-2025-2728)

The version of exiv2 installed on the remote host is prior to 0.27.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2728 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. ...

5.5CVSS5.7AI score0.0024EPSS
Exploits0References6
NVD
NVD
added 2024/12/27 2:15 p.m.11 views

CVE-2024-53190

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with ueventshow on stack trace. That specific issue was addressed by another commit 0, but even with that fix applied...

5.5CVSS0.00236EPSS
Exploits0References6
OSV
OSV
added 2024/12/27 1:49 p.m.12 views

CVE-2024-53190 wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with ueventshow on stack trace. That specific issue was addressed by another commit 0, but even with that fix applied...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References9
CVE
CVE
added 2024/12/11 7:16 p.m.130 views

CVE-2024-47777

CVE-2024-47777 affects GStreamer, specifically the gst_wavparse_smpl_chunk function in gstwavparse.c. The issue is an out-of-bounds read caused by reading 4 bytes from data + 12 without validating the data buffer size, which can lead to accessing memory beyond the buffer. The vulnerability is fix...

9.1CVSS6.5AI score0.01139EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/11 7:2 p.m.14 views

CVE-2024-47598 GHSL-2024-246: GStreamer has an OOB-read in qtdemux_merge_sample_table

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the qtdemuxmergesampletable function within qtdemux.c. The problem is that the size of the stts buffer isn’t properly checked before reading sttsduration, allowing the...

5.1CVSS6.5AI score0.00919EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/11 7:1 p.m.20 views

CVE-2024-47596 GHSL-2024-244: GStreamer has an OOB-read in FOURCC_SMI_ parsing

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemuxparsesvq3stsddata function within qtdemux.c. In the FOURCCSMI case, seqhsize is read from the input file without proper validation. If seqhsize is greater than the remaining...

5.1CVSS6.6AI score0.01111EPSS
Exploits0References3
Rows per page
Query Builder