Lucene search
K

1272 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.18 views

Amazon Linux AMI : ImageMagick (ALAS-2023-1856)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1856 advisory. A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Tenable has...

6.2CVSS6.5AI score0.00437EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.34 views

Amazon Linux AMI : ghostscript (ALAS-2023-1867)

The version of ghostscript installed on the remote host is prior to 8.70-24.33. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1867 advisory. A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote...

5.5CVSS6.7AI score0.0187EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.29 views

Amazon Linux AMI : tomcat8 (ALAS-2023-1861)

The version of tomcat8 installed on the remote host is prior to 8.5.93-1.94. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1861 advisory. Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the...

7.5CVSS7.3AI score0.46836EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.29 views

Amazon Linux AMI : libX11 (ALAS-2023-1859)

The version of libX11 installed on the remote host is prior to 1.6.0-2.2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1859 advisory. libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: integer overflow in XCreateImage leading t...

7.8CVSS6.9AI score0.00633EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/10/25 12:0 a.m.32 views

Amazon Linux AMI : apache-ivy (ALAS-2023-1863)

The version of apache-ivy installed on the remote host is prior to 2.2.0-5.2. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1863 advisory. Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software...

8.2CVSS7.8AI score0.01855EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.53 views

Amazon Linux AMI : golang (ALAS-2023-1871)

The version of golang installed on the remote host is prior to 1.20.10-1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1871 advisory. Line directives //line can be used to bypass the restrictions on //go:cgo directives, allowing blocked linker and...

8.1CVSS7.7AI score0.99999EPSS
Exploits19References8
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.56 views

Amazon Linux AMI : tomcat8 (ALAS-2023-1868)

The version of tomcat8 installed on the remote host is prior to 8.5.94-1.95. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1868 advisory. Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from...

7.5CVSS7.3AI score0.99999EPSS
Exploits21References8
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.82 views

Amazon Linux AMI : nginx (ALAS-2023-1870)

The version of nginx installed on the remote host is prior to 1.18.0-1.45. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1870 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References4
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.39 views

Amazon Linux AMI : nghttp2 (ALAS-2023-1869)

The version of nghttp2 installed on the remote host is prior to 1.33.0-1.1.8. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1869 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

7.5CVSS7.2AI score0.99999EPSS
Exploits19References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.22 views

Amazon Linux AMI : gsl (ALAS-2023-1851)

The version of gsl installed on the remote host is prior to 1.13-4.4. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1851 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2....

6.5CVSS7.2AI score0.00883EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.21 views

Amazon Linux AMI : libtiff (ALAS-2023-1846)

The version of libtiff installed on the remote host is prior to 4.0.3-35.46. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1846 advisory. A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires...

6.5CVSS6.9AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.39 views

Amazon Linux AMI : bind (ALAS-2023-1845)

The version of bind installed on the remote host is prior to 9.8.2-0.68.rc1.91. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1845 advisory. The code that processes control channel messages sent to named calls certain functions recursively during packet parsing...

7.5CVSS6.9AI score0.02626EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.19 views

Amazon Linux AMI : mutt (ALAS-2023-1836)

The version of mutt installed on the remote host is prior to 1.5.20-7.20091214hg736b6a.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1836 advisory. Null pointer dereference when viewing a specially crafted email in Mutt 1.5.2 1.5.2 2.2.12 CVE-2023-4875...

6.5CVSS5.8AI score0.00719EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.36 views

Amazon Linux AMI : poppler (ALAS-2023-1850)

The version of poppler installed on the remote host is prior to 0.26.5-43.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1850 advisory. An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service D...

6.5CVSS6.7AI score0.00927EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.35 views

Amazon Linux AMI : ghostscript (ALAS-2023-1853)

The version of ghostscript installed on the remote host is prior to 8.70-24.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1853 advisory. A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers ...

5.5CVSS5.9AI score0.00619EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.38 views

Amazon Linux AMI : poppler (ALAS-2023-1852)

The version of poppler installed on the remote host is prior to 0.26.5-43.27. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1852 advisory. Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via craft...

7.5CVSS7.5AI score0.00891EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.34 views

Amazon Linux AMI : ghostscript (ALAS-2023-1854)

The version of ghostscript installed on the remote host is prior to 8.70-24.31. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1854 advisory. A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a...

5.5CVSS6.7AI score0.02252EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.37 views

Amazon Linux AMI : libxml2 (ALAS-2023-1841)

The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1841 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at...

6.5CVSS6.9AI score0.00667EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.41 views

Amazon Linux AMI : vim (ALAS-2023-1837)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1837 advisory. Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 Use After Free in GitHub repository vim/vi...

7.8CVSS7.3AI score0.00559EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.28 views

Amazon Linux AMI : axis (ALAS-2023-1840)

The version of axis installed on the remote host is prior to 1.2.1-7.5.15. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1840 advisory. UNSUPPPORTED WHEN ASSIGNED UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been...

9.8CVSS8.1AI score0.01931EPSS
Exploits0References4
Rows per page
Query Builder