CBL Mariner 2.0 Security Update: kernel (CVE-2023-6932)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6932 advisory. - A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local...

CBL Mariner 2.0 Security Update: buildah (CVE-2022-2990)

The version of buildah installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2990 advisory. - An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitiv...

CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-29158)

The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29158 advisory. - HDF5 through 1.14.3 contains a stack buffer overflow in H5FLarrmalloc, resulting in the corruption of the...

CBL Mariner 2.0 Security Update: rpm-ostree / ostree (CVE-2022-47085)

The version of rpm-ostree / ostree installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47085 advisory. - An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service o...

CBL Mariner 2.0 Security Update: edk2 / hvloader (CVE-2023-45230)

The version of edk2 / hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45230 advisory. - EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID optio...

AlmaLinux 8 : less (ALSA-2024:4256)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4256 advisory. less: OS command injection CVE-2024-32487 less: missing quoting of shell metacharacters in LESSCLOSE handling CVE-2022-48624 Tenable has extracted the...

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0215)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0215 advisory. - The public API function BIOnewNDEF is a helper function used for...

Oracle Linux 8 : iperf3 (ELSA-2024-4241)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4241 advisory. 3.5-10 - Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used 3.5-9 - Resolves: RHEL-17069 - possible denial of...

AlmaLinux 8 : container-tools (ALSA-2024:4246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4246 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786...

CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-29159)

The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29159 advisory. - HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-1086)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1086 advisory. - A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achiev...

CBL Mariner 2.0 Security Update: telegraf (CVE-2023-2816)

The version of telegraf installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2816 advisory. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions...

CBL Mariner 2.0 Security Update: cert-manager / helm (CVE-2024-26147)

The version of cert-manager / helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26147 advisory. - Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an...

CBL Mariner 2.0 Security Update: kernel (CVE-2018-20169)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-20169 advisory. - An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during t...

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

camping-port-grimaud.fr Cross Site Scripting vulnerability OBB-3940304

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

fewo-ja.de Cross Site Scripting vulnerability OBB-3940173

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

al.to.leg.br Cross Site Scripting vulnerability OBB-3940111

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dev.shoalsummitsolutions.com Cross Site Scripting vulnerability OBB-3939903

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...