Lucene search
+L

420 matches found

CVE
CVE
added 2024/07/08 5:57 p.m.244 views

CVE-2024-6409

CVE-2024-6409 describes a race-condition in OpenSSH server (sshd) signal handling. If a remote client does not authenticate within LoginGraceTime, sshd’s SIGALRM handler runs asynchronously and may call non-async-signal-safe functions (e.g., syslog), enabling a potential remote code execution as ...

7CVSS7.3AI score0.27935EPSS
Exploits1References23
Cvelist
Cvelist
added 2024/07/08 5:57 p.m.146 views

CVE-2024-6409 Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not...

7CVSS0.27935EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2024/07/08 5:57 p.m.375 views

CVE-2024-6409 Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not...

7CVSS7.8AI score0.27935EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/07/08 12:0 a.m.33 views

RHEL 9 : git (RHSA-2024:4368)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4368 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

9CVSS7.3AI score0.25334EPSS
Exploits34References12
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.131 views

RHEL 9 : openssh (RHSA-2024:4312)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4312 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...

8.1CVSS8.1AI score0.99506EPSS
Exploits69References4
Tenable Nessus
Tenable Nessus
added 2024/07/02 12:0 a.m.29 views

RHEL 9 : Red Hat OpenStack Platform 17.1.3 (RHSA-2024:4272)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4272 advisory. Cinder is the replacement of nova-volume in Folsom and beyond, use d for block storage. OpenStack Image Service code-named Glance provides...

6.5CVSS6.6AI score0.00835EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/02 12:0 a.m.23 views

RHEL 9 : qemu-kvm (RHSA-2024:4277)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4277 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...

7.8CVSS7.4AI score0.00333EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/25 12:0 a.m.36 views

RHEL 9 : python3.11 (RHSA-2024:4077)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4077 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.8CVSS7.2AI score0.00313EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/17 12:0 a.m.20 views

RHEL 9 : firefox (RHSA-2024:3958)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3958 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.6CVSS7.5AI score0.0107EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2024/06/12 12:0 a.m.23 views

RHEL 9 : gvisor-tap-vsock (RHSA-2024:3830)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3830 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...

6.5CVSS6.8AI score0.01165EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/12 12:0 a.m.33 views

RHEL 9 : ruby (RHSA-2024:3838)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3838 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7AI score0.02637EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.25 views

RHEL 9 : nghttp2 (RHSA-2024:3665)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3665 advisory. libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: nghttp2: CONTINUATION frames DoS...

5.3CVSS7.2AI score0.8496EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.87 views

RHEL 9 : ruby:3.3 (RHSA-2024:3671)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3671 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

9.8CVSS7.1AI score0.02364EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/06/04 12:0 a.m.42 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.2 Security update (Moderate) (RHSA-2024:3581)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3581 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

7.5CVSS7.2AI score0.00788EPSS
Exploits1References49
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.34 views

RHEL 9 : zstd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - zstd: mysql: buffer overrun in util.c CVE-2022-4899 Note that Nessus has not tested for this issue but has instead...

7.5CVSS7.7AI score0.01588EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.12 views

RHEL 9 : libyang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libyang: NULL pointer dereference via lyspstmtvalidatevalue at lysparsemem.c CVE-2023-26917 Note that Nessus has no...

7.5CVSS6.9AI score0.00893EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 9 : dotnet6.0 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability CVE-2022-25881 Note that Nessus has...

7.5CVSS7AI score0.01613EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 9 : conmon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for...

7.5CVSS6.9AI score0.02827EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 9 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - opencontainers: OCI manifest and index parsing confusion CVE-2021-41190 Note that Nessus has not tested for this...

5CVSS6.5AI score0.02085EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.13 views

RHEL 9 : pcre2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop CVE-2022-41409 Note that Nessus ha...

7.5CVSS7.2AI score0.00962EPSS
Exploits1References1
Rows per page
Query Builder