3305 matches found

Amazon
added 2024/04/18 12:0 a.m., 5 views

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len during regular expression searching. Invalid handling of reg->dmin in forward_search_range could result in an...

CVSS 9.8, AI score 7.1, EPSS 0.06265
Exploits 1

Tenable Nessus
added 2024/04/18 12:0 a.m., 39 views

Amazon Linux 2 : libvirt (ALAS-2024-2513)

The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2513 advisory. An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces...

CVSS 6.2, AI score 6.6, EPSS 0.00398
Exploits 0, References 8

Tenable Nessus
added 2024/04/18 12:0 a.m., 53 views

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2024-019)

The version of tomcat installed on the remote host is prior to 8.5.100-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT8.5-2024-019 advisory. Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to...

CVSS 7.5, AI score 7.6, EPSS 0.23072
Exploits 1, References 6

Tenable Nessus
added 2024/04/18 12:0 a.m., 31 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-041)

The version of kernel installed on the remote host is prior to 5.15.153-100.162. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-041 advisory. 2024-08-27: CVE-2024-26863 was added to this advisory. 2024-08-27: CVE-2023-52656 was added to this...

CVSS 9.8, AI score 6.7, EPSS 0.00828
Exploits 0, References 36

Tenable Nessus
added 2024/04/18 12:0 a.m., 59 views

Amazon Linux 2 : python3 (ALAS-2024-2515)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2515 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

CVSS 6.2, AI score 7.1, EPSS 0.00333
Exploits 0, References 4

Tenable Nessus
added 2024/04/18 12:0 a.m., 26 views

Amazon Linux 2 : tomcat (ALAS-2024-2514)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2514 advisory. Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket...

CVSS 6.3, AI score 7.2, EPSS 0.02313
Exploits 0, References 4

Tenable Nessus
added 2024/04/18 12:0 a.m., 45 views

Amazon Linux 2 : tomcat (ALAS-2024-2517)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2517 advisory. Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the...

CVSS 7.5, AI score 7.6, EPSS 0.51547
Exploits 1, References 6

Tenable Nessus
added 2024/04/18 12:0 a.m., 55 views

Amazon Linux 2 : glib2 (ALAS-2024-2519)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2519 advisory. GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the...

CVSS 7.8, AI score 7.5, EPSS 0.00567
Exploits 1, References 4

Tenable Nessus
added 2024/04/18 12:0 a.m., 24 views

Amazon Linux 2 : flatpak (ALAS-2024-2518)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2518 advisory. Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properl...

CVSS 8.6, AI score 7.9, EPSS 0.01346
Exploits 0, References 4

Amazon
added 2024/04/18 12:0 a.m., 27 views

Medium: flatpak

Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...

CVSS 8.6, AI score 8.4, EPSS 0.01346
Exploits 0

Tenable Nessus
added 2024/04/18 12:0 a.m., 28 views

Amazon Linux 2 : krb5 (ALAS-2024-2512)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2512 advisory. Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c. CVE-2024-26458 Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in...

CVSS 7.5, AI score 6.9, EPSS 0.01128
Exploits 2, References 6

Tenable Nessus
added 2024/04/18 12:0 a.m., 50 views

Amazon Linux 2 : tomcat (ALASTOMCAT9-2024-013)

The version of tomcat installed on the remote host is prior to 9.0.87-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2024-013 advisory. Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to ke...

CVSS 7.5, AI score 7.6, EPSS 0.23072
Exploits 1, References 6

Tenable Nessus
added 2024/04/18 12:0 a.m., 32 views

Amazon Linux 2 : php (ALAS-2024-2520)

The version of php installed on the remote host is prior to 5.4.16-46. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2520 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack...

CVSS 9.8, AI score 7, EPSS 0.06265
Exploits 1, References 4

Amazon
added 2024/04/01 12:0 a.m., 63 views

Medium: openssh

Issue Overview: In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in ...

CVSS 6.5, AI score 7.6, EPSS 0.19753
Exploits 7

Tenable Nessus
added 2024/04/01 12:0 a.m., 138 views

Amazon Linux 2 : openssh (ALAS-2024-2507)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2507 advisory. In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name...

CVSS 6.5, AI score 7.4, EPSS 0.19753
Exploits 7, References 4

Amazon
added 2024/04/01 12:0 a.m., 4 views

Medium: openssh

Issue Overview: In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in ...

CVSS 6.5, AI score 8.7, EPSS 0.19753
Exploits 7

Tenable Nessus
added 2024/04/01 12:0 a.m., 46 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-062)

The version of kernel installed on the remote host is prior to 5.4.269-183.369. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-062 advisory. dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets...

CVSS 7.8, AI score 7.1, EPSS 0.02224
Exploits 2, References 72

Amazon
added 2024/04/01 12:0 a.m., 40 views

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

CVSS 7.5, AI score 8, EPSS 0.01038
Exploits 0

Tenable Nessus
added 2024/04/01 12:0 a.m., 34 views

Amazon Linux 2 : firefox (ALASFIREFOX-2024-023)

The version of firefox installed on the remote host is prior to 115.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-023 advisory. AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced...

CVSS 8.8, AI score 8.2, EPSS 0.047
Exploits 3, References 16

Tenable Nessus
added 2024/04/01 12:0 a.m., 38 views

Amazon Linux 2 : thunderbird (ALAS-2024-2505)

The version of thunderbird installed on the remote host is prior to 115.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2505 advisory. AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced...

CVSS 8.8, AI score 8.1, EPSS 0.00971
Exploits 3, References 14