Lucene search
K

117 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-2068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

10CVSS7.3AI score0.95764EPSS
Exploits6References2
Rosalinux
Rosalinux
added 2025/02/24 12:28 p.m.13 views

Advisory ROSA-SA-2025-2715

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1.1k-12.0.1 CVE-ID: CVE-2022-1292 BDU-ID: 2022-03181 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSSL library's crehash script implementation is related to failure to take measures to neutralize shell...

10CVSS8.1AI score0.95764EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/18 7:32 p.m.20 views

Security Bulletin: A Security Vulnerability discovered in IBM Security Verify Directory (CVE-2022-2068) has been addressed.

Summary A Security Vulnerability discovered in IBM Security Verify Directory Server containers has been addressed Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplie...

10CVSS9.8AI score0.95764EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 5:1 p.m.48 views

Security Bulletin: IBM Aspera Shares is vulnerable to multiple high severity vulnerabilities (CVE-2022-1586, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2019-20838, CVE-2022-2068, CVE-2022-1587)

Summary This Security Bulletin addresses multiple high severity OpenSSL security vulnerabilities that have been remediated in IBM Aspera Shares 1.10.0 PL4. Vulnerability Details CVEID:CVE-2022-1586 DESCRIPTION: PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by...

10CVSS9.7AI score0.95764EPSS
Exploits1Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/19 7:9 p.m.19 views

Security Bulletin: Multiple Security Vulnerabilities were discovered in IBM Security Directory Integrator (CVE-2023-32328, CVE-2023-43017, CVE-2022-2068)

Summary Multiple Security Vulnerabilities have been addressed in the IBM Security Directory Integrator Container affecting other products. Vulnerability Details CVEID:CVE-2023-32328 DESCRIPTION: IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that...

10CVSS7.9AI score0.95764EPSS
Exploits1Affected Software1
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.54 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.95764EPSS
Exploits28
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.13 views

Fedora 37 : openssl1.1 (2022-eaec96bb34)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-eaec96bb34 advisory. Automatic update for openssl1.1-1.1.1p-1.fc37. Changelog Thu Jun 30 2022 Clemens Lang - 1:1.1.1p-1 - Upgrade to 1.1.1p Resolves: CVE-2022-2068 Related:...

10CVSS7.4AI score0.95764EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/27 11:41 a.m.17 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2022-2068]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-2068 Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caus...

10CVSS9.7AI score0.95764EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2024/09/18 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-7018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.95764EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2024/07/26 12:0 a.m.21 views

Photon OS 3.0: Nxtgn PHSA-2022-3.0-0408

An update of the nxtgn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0408. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

10CVSS8.2AI score0.95764EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.275 views

RHEL 9 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: the crehash script allows command injection CVE-2022-2068 - The crehash script does not properly...

9AI score0.95764EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.56 views

RHEL 8 : Satellite 6.14 (RHSA-2023:6818)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6818 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...

10CVSS8AI score0.99999EPSS
Exploits30References321
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.91 views

RHEL 6 / 7 / 8 / 9 : Red Hat Satellite Client (RHSA-2023:5982)

The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5982 advisory. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2...

10CVSS7.5AI score0.99999EPSS
Exploits25References16
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.50 views

RHEL 7 / 8 : Satellite 6.11.5.6 async (RHSA-2023:5980)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5980 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

10CVSS7.8AI score0.99999EPSS
Exploits25References20
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.21 views

openSUSE: Security Advisory for openssl (SUSE-SU-2022:2251-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.4AI score0.95764EPSS
Exploits6References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 6:51 p.m.75 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...

10CVSS9.5AI score0.99999EPSS
Exploits25Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.32 views

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0069)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

10CVSS7.4AI score0.95764EPSS
Exploits6References3
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.95764EPSS
Exploits18
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.95764EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.55 views

Rocky Linux 8 : openssl (RLSA-2022:5818)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5818 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems ...

10CVSS7.4AI score0.95764EPSS
Exploits6References8
Rows per page
Query Builder