CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26973)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26973 advisory. - In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in...

Oracle Linux 9 : postgresql:15 (ELSA-2024-6020)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6020 advisory. - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 - Fixes CVE-2023-2454 and CVE-2023-2455...

CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2023-46219)

The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46219 advisory. - When saving HSTS data to an excessively long file name, curl could end up removing all content...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26961)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26961 advisory. - In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resourc...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26951)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26951 advisory. - In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-35982)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35982 advisory. - In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying t...

CBL Mariner 2.0 Security Update: python-pip / python-urllib3 / python3 (CVE-2023-45803)

The version of python-pip / python-urllib3 / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45803 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 previously...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-35978)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35978 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in...

CBL Mariner 2.0 Security Update: coredns (CVE-2023-49295)

The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49295 advisory. - quic-go is an implementation of the QUIC protocol RFC 9000, RFC 9001, RFC 9002 in Go. An attacker can cause...

CBL Mariner 2.0 Security Update: python-pygments (CVE-2021-27291)

The version of python-pygments installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-27291 advisory. - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on...

Cisco NX-OS Software DHCPv6 Relay Agent DoS (cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn)

A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could...

CBL Mariner 2.0 Security Update: openssl (CVE-2021-4160)

The version of openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4160 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affecte...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-27002)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27002 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM g...

FreeBSD : firefox -- multiple vulnerabilities (5e4d7172-66b8-11ef-b104-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5e4d7172-66b8-11ef-b104-b42e991fc52e advisory. [email protected] reports: Tenable has extracted the preceding description block directly...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-27019)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27019 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 19, 2024 to August 25, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and ...

AlmaLinux 8 : postgresql:15 (ALSA-2024:6001)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6001 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack...

AlmaLinux 8 : postgresql:13 (ALSA-2024:6018)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6018 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 Tenable has extracted the preceding description block directly from...

AlmaLinux 9 : postgresql:16 (ALSA-2024:5929)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5929 advisory. postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump...

FreeBSD : firefox -- multiple vulnerabilities (44de1b82-662d-11ef-a51b-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 44de1b82-662d-11ef-a51b-b42e991fc52e advisory. [email protected] reports: This update includes 3 CVEs: Tenable has extracted the preceding...