Amazon Linux 2 : ruby (ALASRUBY3.0-2024-008)
The version of ruby installed on the remote host is prior to 3.0.6-156. It is, therefore, affected by a vulnerability as referenced in the ALAS2RUBY3.0-2024-008 advisory. ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 Tenable has extracted the preceding description block directl...
Amazon Linux AMI : kernel (ALAS-2024-1942)
The version of kernel installed on the remote host is prior to 4.14.348-187.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1942 advisory. 2024-07-31: CVE-2024-27020 was added to this advisory. 2024-07-31: CVE-2024-26976 was added to this advisory...
Amazon Linux 2 : edk2 (ALAS-2024-2578)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2578 advisory. EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UINT32 overflow via local access. A successful exploit of this vulnerability may lead to a...
SUSE SLED15: glade-catalog-vte / libvte-2_91-0 / typelib-1_0-Vte-2.91 / etc (SUSE-SU-2024:2180-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2180-1 advisory. - CVE-2024-37535: Fixed a bug that allowed an attacker to cause a denial of service memory consumption vi...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libarchive (SUSE-SU-2024:2171-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2171-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write bsc1225971. Tenable has extracted the preceding...
Oracle Linux 8 : python3.11 (ELSA-2024-4058)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4058 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Amazon Linux AMI : R (ALAS-2024-1940)
The version of R installed on the remote host is prior to 3.4.1-1.53. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1940 advisory. Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not...
Google Chrome < 126.0.6478.126 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 126.0.6478.126. It is, therefore, affected by multiple vulnerabilities as referenced in the 202406stable-channel-update-for-desktop24 advisory. - Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a...
AlmaLinux 9 : libreswan (ALSA-2024:4050)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4050 advisory. libreswan: IKEv1 default AH/ESP responder can crash and restart CVE-2024-3652 Tenable has extracted the preceding description block directly from the AlmaLinux...
Amazon Linux 2 : dnsmasq (ALAS-2024-2580)
The version of dnsmasq installed on the remote host is prior to 2.76-16. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2580 advisory. dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery. CVE-2023-49441 Tenable has extracted the preceding description bloc...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-072 (ALASKERNEL-5.4-2024-072)
The version of kernel installed on the remote host is prior to 5.4.261-174.360. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-072 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after...
Fedora 39 : python-PyMySQL (2024-e7141ab284)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e7141ab284 advisory. Update to 1.1.1 to fix CVE CVE-2024-36039 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...
Slackware Linux 15.0 / current emacs Vulnerability (SSA:2024-174-01)
The version of emacs installed on the remote host is prior to 29.4. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-174-01 advisory. New emacs packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding descriptio...
GLSA-202406-01 : GLib: Privilege Escalation
The remote host is affected by the vulnerability described in GLSA-202406-01 GLib: Privilege Escalation A vulnerability has been discovered in GLib. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux...
SUSE SLES15 Security Update : kernel (Live Patch 42 for SLE 15 SP3) (SUSE-SU-2024:2148-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2148-1 advisory. This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an...
SUSE SLED15: libvte-2_91-0 / typelib-1_0-Vte-2_91 / typelib-1_0-Vte-3_91 / etc (SUSE-SU-2024:2153-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2153-1 advisory. - CVE-2024-37535: Fixed a bug that allowed an attacker to cause a denial of service memory consumption vi...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-cryptography (SUSE-SU-2024:2138-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2138-1 advisory. - CVE-2024-26130: Fix a NULL pointer dereference in pkcs12.serializekeyandcertificates. bsc1220210 Tenabl...
SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP4) (SUSE-SU-2024:2165-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2165-1 advisory. This update for the Linux Kernel 5.14.21-1504002492 fixes one issue. The following security issue was fixed: - CVE-2024-26852: Fixed use-after-free in...
GLSA-202406-04 : LZ4: Memory Corruption
The remote host is affected by the vulnerability described in GLSA-202406-04 LZ4: Memory Corruption An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an...
GLSA-202406-03 : RDoc: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202406-03 RDoc: Remote Code Execution A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux...