RHEL 6 : libxrandr (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...
Type Confusion
chromium is vulnerable to a Type Confusion. The vulnerability is due to improper handling of object types, potentially allowing a remote attacker to execute arbitrary read/write operations via a crafted HTML page...
CVE-2024-4287
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of ...
CVE-2024-4287
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update flow. The flaw occurs when JSON data sent via HTTP POST to /api/workspace/:workspace-slug/update is not properly validated/formatted, allowing the payload to be executed as part of a dat...
CVE-2024-28064
Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations with displayLoginChunkedImages and write operations with storeLoginChunkedImages...
RHEL 5 : libxrandr (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...
RHEL 7 : libxrandr (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXrandr: Insufficient validation of server responses result in various data mishandlings CVE-2016-7948 ...
CVE-2024-1654
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...
CVE-2024-1654
PaperCut NG/MF (CVE-2024-1654) enables potential unauthorized write operations that may lead to remote code execution. Exploitation requires authenticated admin access and knowledge of both an internal system identifier and another valid user. CVSS v3.1 base score is 7.2 (HIGH) with NETWORK attac...
CVE-2024-1654 Unauthorized write operations in PaperCut NG/MF
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this...
PaperCut NG/MF Security Vulnerabilities
PaperCut NG is a suite of next-generation printer control software from PaperCut Australia. A security vulnerability exists in PaperCut NG/MF that originates from allowing unauthorized write operations that could result in remote code execution...
CentOS 9 : podman-4.1.1-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the podman-4.1.1-3.el9 build changelog. - net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-2811)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition...
A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. (CVE-2023-32233)
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...
Rocky Linux 8 : kernel (RLSA-2022:6460)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6460 advisory. - Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosur...
Linux kernel resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel 6.4.2 and earlier versions, which stems from a carefully crafted UDF filesystem image that can cause write...
AlmaLinux 9 : kpatch-patch (ALSA-2023:3705)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3705 advisory. - A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach...
AlmaLinux 8 : kernel-rt (ALSA-2023:3350)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3350 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...
AlmaLinux 8 : kernel (ALSA-2023:3349)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3349 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...