4433 matches found

Tenable Nessus
added 2023/10/20 12:0 a.m. | 29 views

Amazon Linux 2 : containerd (ALASNITRO-ENCLAVES-2023-031)

The version of containerd installed on the remote host is prior to 1.6.19-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-031 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset...

CVSS 7.5 | AI score 7 | EPSS 0.03796 | Exploits 0 | References 4

Tenable Nessus
added 2023/10/20 12:0 a.m. | 32 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2023-030)

The version of docker installed on the remote host is prior to 20.10.25-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2023-030 advisory. http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723) Templates did not properly conside...

CVSS 9.8 | AI score 7.5 | EPSS 0.04561 | Exploits 0 | References 12

RedhatCVE
added 2023/10/19 7:44 p.m. | 102 views

CVE-2023-45802

A flaw was found in mod_http2. When an HTTP/2 stream is reset (RST frame) by a client, there is a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connectio...

CVSS 7.5 | AI score 8 | EPSS 0.99999 | Exploits 20 | References 4

Slackware Linux
added 2023/10/19 7:21 p.m. | 49 views

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.58-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: moderate: Apache HTTP Server...

CVSS 7.5 | AI score 7.1 | EPSS 0.70595 | Exploits 1

RedHat Linux
added 2023/10/19 7:9 p.m. | 49 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.4 release and security update

Red Hat AMQ Broker 7.10.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999 | Exploits 19 | References 4

Ubuntu
added 2023/10/19 4:12 p.m. | 69 views

USN-6438-1: .NET vulnerabilities

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799) It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999 | Exploits 19

Ubuntu
added 2023/10/19 3:57 p.m. | 85 views

USN-6427-2: .NET vulnerability

USN-6427-1 fixed a vulnerability in .NET. This update provides the corresponding update for .NET 8. Original advisory details: It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999 | Exploits 19

RedHat Linux
added 2023/10/19 1:18 p.m. | 60 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999 | Exploits 19 | References 4

RedHat Linux
added 2023/10/19 1:15 p.m. | 46 views

Important: Red Hat Security Advisory: varnish security update

An update for varnish is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999 | Exploits 19 | References 3

RedHat Linux
added 2023/10/19 10:38 a.m. | 53 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 7 | EPSS 0.99999 | Exploits 19 | References 8

RedHat Linux
added 2023/10/19 10:38 a.m. | 53 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 7 | EPSS 0.99999 | Exploits 19 | References 7

Tenable Nessus
added 2023/10/19 12:0 a.m. | 56 views

Amazon Linux AMI : tomcat8 (ALAS-2023-1868)

The version of tomcat8 installed on the remote host is prior to 8.5.94-1.95. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1868 advisory. Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999 | Exploits 21 | References 8

Tenable Nessus
added 2023/10/19 12:0 a.m. | 82 views

Amazon Linux AMI : nginx (ALAS-2023-1870)

The version of nginx installed on the remote host is prior to 1.18.0-1.45. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1870 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999 | Exploits 19 | References 4

Tenable Nessus
added 2023/10/19 12:0 a.m. | 58 views

AlmaLinux 8 : nodejs:16 (ALSA-2023:5850)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5850 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) Tenable has extracted the preceding description block...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999 | Exploits 19 | References 2

Tenable Nessus
added 2023/10/19 12:0 a.m. | 60 views

AlmaLinux 8 : nodejs:18 (ALSA-2023:5869)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5869 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) An AlmaLinux Security Bulletin which addresse...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999 | Exploits 19 | References 5

Tenable Nessus
added 2023/10/19 12:0 a.m. | 47 views

RHEL 8 : grafana (RHSA-2023:5863)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5863 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golan...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999 | Exploits 19 | References 8

Tenable Nessus
added 2023/10/19 12:0 a.m. | 47 views

RHEL 8 : nodejs:18 (RHSA-2023:5869)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5869 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999 | Exploits 19 | References 11

Tenable Nessus
added 2023/10/19 12:0 a.m. | 56 views

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2023-390)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-390 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999 | Exploits 19 | References 4

Tenable Nessus
added 2023/10/19 12:0 a.m. | 42 views

Ubuntu 23.10 : .NET vulnerability (USN-6427-2)

The remote Ubuntu 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6427-2 advisory. USN-6427-1 fixed a vulnerability in .NET. This update provides the corresponding update for .NET 8. Tenable has extracted the preceding description block directly fro...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999 | Exploits 19 | References 2

OSV
added 2023/10/19 12:0 a.m. | 42 views

ALSA-2023:5924 Important: varnish security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rap...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999 | Exploits 19 | References 4