
224 matches found

Vulnrichment
added 2024/07/03 12:0 a.m. | 12 views

CVE-2024-39920

The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server, when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the...

AI score: 7.2 | EPSS: 0.00572
Exploits: 0 | References: 8

Tenable Nessus
added 2024/06/03 12:0 a.m. | 24 views

RHEL 4 : quagga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - quagga: DoS crash by processing malformed extended community attribute in a route CVE-2010-1674 Note that Nessus ha...

CVSS: 5 | AI score: 6.5 | EPSS: 0.13426
Exploits: 1 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 30 views

RHEL 9 : jackson-databind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jackson-databind: denial of service via cyclic dependencies CVE-2023-35116 Note that Nessus has not tested for this...

CVSS: 4.7 | AI score: 7.3 | EPSS: 0.00352
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 25 views

RHEL 5 : groff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph...

CVSS: 3.3 | AI score: 6.5 | EPSS: 0.00357
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 14 views

RHEL 7 : rhnsd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rhnsd: World-writable PID files CVE-2017-7560 Note that Nessus has not tested for this issue but has instead relied...

CVSS: 5.5 | AI score: 5.6 | EPSS: 0.00252
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 28 views

RHEL 9 : conmon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.02827
Exploits: 1 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 20 views

RHEL 7 : gupnp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - hostapd: UPnP SUBSCRIBE misbehavior in WPS AP CVE-2020-12695 Note that Nessus has not tested for this issue but has...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.15193
Exploits: 3 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 73 views

RHEL 8 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: User enumeration via malformed packets in authentication requests CVE-2018-15919 - openssh:...

CVSS: 7 | AI score: 7.2 | EPSS: 0.20906
Exploits: 10 | References: 4

OSV
added 2024/05/29 11:16 a.m. | 1 views

DEBIAN-CVE-2023-52881

In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The ACK value is considered...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00227
Exploits: 0 | References: 1

OSV
added 2024/05/29 11:16 a.m. | 1 views

UBUNTU-CVE-2023-52881

In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The ACK value is considered...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00227
Exploits: 0 | References: 11

Vulnrichment
added 2024/05/29 10:15 a.m. | 35 views

CVE-2023-52881 tcp: do not accept ACK of bytes we never sent

In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The ACK value is considered...

AI score: 6.6 | EPSS: 0.00227
Exploits: 0 | References: 8

CNNVD
added 2024/05/29 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the TCP protocol stack may accept an ACK acknowledgement for bytes that were never sent when...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00227
Exploits: 0 | References: 10

AlmaLinux
added 2024/05/22 12:0 a.m. | 26 views

Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer-plugins-good: integer overflow leading to hea...

CVSS: 8.8 | AI score: 6.8 | EPSS: 0.01537
Exploits: 0 | References: 4

Tenable Nessus
added 2024/05/11 12:0 a.m. | 23 views

RHEL 8 : espeak-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - espeak-ng: buffer overflow in ReadClause function at readclause.c CVE-2023-49993 - Espeak-ng 1.52-dev was...

AI score: 6.1 | EPSS: 0.00405
Exploits: 5 | References: 5

AlmaLinux
added 2024/04/30 12:0 a.m. | 26 views

Important: tigervnc security update

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.01843
Exploits: 0 | References: 8

RedHat Linux
added 2024/04/11 5:0 p.m. | 61 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS: 8.6 | AI score: 6.8 | EPSS: 0.88864
Exploits: 0 | References: 7

AlmaLinux
added 2024/04/11 12:0 a.m. | 70 views

Important: bind9.16 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.99995
Exploits: 1 | References: 14

CNNVD
added 2024/04/02 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a delayed ACK that does not set a reference sequence number...

CVSS: 5.5 | AI score: 6.3 | EPSS: 0.00241
Exploits: 0 | References: 6

OSV
added 2024/03/19 12:0 a.m. | 1 views

UBUNTU-CVE-2024-2613

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox 124...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.00501
Exploits: 0 | References: 5

OSV
added 2024/02/28 9:15 a.m. | 1 views

DEBIAN-CVE-2021-46999

In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.0025
Exploits: 0 | References: 1