4441 matches found
RHEL 7 : dev-java_snakeyaml (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854) Note that Nessus has not tested for this issue but has...
RHEL 6 : dev-python_twisted (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dev-python/twisted: secret exposure in cross-origin redirects (CVE-2022-21712) Note that Nessus has not tested for th...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.4 security update
An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2023-41419 DESCRIPTION: Gevent could allow a remote attacker to gain...
Debian: Security Advisory (DSA-5684-1)
The remote host is missing an update for the Debian...
PT-2024-25803 · Deno · Deno
Name of the Vulnerable Software and Affected Versions: Deno versions prior to 1.43 Description: The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may...
CVE-2024-34455
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2...
CVE-2024-34455
CVE-2024-34455 affects Buildroot prior to version 0b2967e, due to missing sticky bit on /dev/shm. The issue is fixed in 2024.02.2; affected users should update to 2024.02.2 or later. Public sources (Red Hat, NVD, OSV, CVE lists) corroborate the description of the vulnerability and the fix. The CV...
PT-2024-4090
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to a slab-use-after-free vulnerability in the msft_do_close function. This vulnerability is caused by a race condition where the msft-data is freed in hci release de...
PT-2024-25909 · Buildroot · Buildroot
Name of the Vulnerable Software and Affected Versions: Buildroot versions prior to 0b2967e Buildroot version 2024.02.2 and later are not affected, but all versions before 0b2967e are vulnerable. Since 2024.02.2 is the fixed version, we list all versions prior to 0b2967e as vulnerable. Description...
Security advisory: QStringConverter
QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack and has been assigned the CVE id CVE-2024-33861. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable...
CVE-2024-27063
CVE-2024-27063 affects the Linux kernel LED subsystem for leds: trigger: netdev. The issue stems from a refactor where the trigger_data’s dev could reference the old net_dev while a new net_dev is being established, causing get_device_state() to operate on an invalid net_dev and potentially trigg...
CVE-2024-27013
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. vhost_worker will call tun call backs to receive packets. If too many illegal packets arrive, tun_do_read will keep dumping packet contents. When console is enabled, ...
DEBIAN-CVE-2024-26935
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 "scsi: core: Remove the /proc/scsi/$procname directory earlier" fixed a bug related to modules loading/unloading, by adding a call to scsiprochostdirr...
CVE-2024-27013 tun: limit printing rate when illegal packet received by tun dev
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. vhost_worker will call tun call backs to receive packets. If too many illegal packets arrive, tun_do_read will keep dumping packet contents. When console is enabled, ...