4433 matches found

RedHat Linux
added 2023/10/18 10:54 p.m. | 73 views

Moderate: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 7.5 | AI score 7 | EPSS 0.99999
Exploits: 19 | References: 4

RedHat Linux
added 2023/10/18 4:26 p.m. | 97 views

Important: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999
Exploits: 19 | References: 6

RedHat Linux
added 2023/10/18 4:23 p.m. | 50 views

Important: Red Hat Security Advisory: RHACS 4.1 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

CVSS 7.5 | AI score 7 | EPSS 0.99999
Exploits: 19 | References: 5

RedHat Linux
added 2023/10/18 10:24 a.m. | 102 views

Important: Red Hat Security Advisory: httpd24-nghttp2 security update

Updated 20 October 2023 We have rectified an erroneous typographical error in this erratum documentation. The documentation present in this erratum has incorrect package name mentioned that was misleading. No changes have been made to the package. An update for httpd24-nghttp2 is now available fo...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999
Exploits: 19 | References: 3

RedHat Linux
added 2023/10/18 10:22 a.m. | 50 views

Important: Red Hat Security Advisory: rh-nodejs14 security update

An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 7 | EPSS 0.99999
Exploits: 19 | References: 3

RedHat Linux
added 2023/10/18 10:16 a.m. | 434 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999
Exploits: 19 | References: 3

RedHat Linux
added 2023/10/18 10:13 a.m. | 79 views

Important: Red Hat Security Advisory: nghttp2 security update

An update for nghttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 | AI score 7.1 | EPSS 0.99999
Exploits: 19 | References: 3

Tenable Nessus
added 2023/10/18 12:0 a.m. | 54 views

Oracle Linux 8 : go-toolset:ol8 (ELSA-2023-5721)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5721 advisory. - Rebase to Go 1.19.13 CVE-2023-39325 CVE-2023-44487 go-toolset Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 19 | References: 3

Tenable Nessus
added 2023/10/18 12:0 a.m. | 51 views

FreeBSD : jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty (1ee26d45-6ddb-11ee-9898-00e081b7aa2d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1ee26d45-6ddb-11ee-9898-00e081b7aa2d advisory. - Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.1...

CVSS 7.5 | AI score 7.4 | EPSS 0.99999
Exploits: 20 | References: 4

Tenable Nessus
added 2023/10/18 12:0 a.m. | 48 views

RHEL 9 : nodejs:18 (RHSA-2023:5849)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5849 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 11

Tenable Nessus
added 2023/10/18 12:0 a.m. | 74 views

Amazon Linux 2 : nginx (ALASNGINX1-2023-006)

The version of nginx installed on the remote host is prior to 1.22.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2023-006 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/18 12:0 a.m. | 45 views

RHEL 7 : rhc-worker-script (RHSA-2023:5835)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5835 advisory. The rhc-worker-script packages provide Remote Host Configuration rhc worker for executing an interpreted programming language script on host...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 7

Tenable Nessus
added 2023/10/18 12:0 a.m. | 45 views

Oracle Linux 9 : .NET / 7.0 (ELSA-2023-5749)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5749 advisory. 7.0.112-1.0.1 - Update to .NET SDK 7.0.112 and Runtime 7.0.12 - Resolves: RHEL-11698 Tenable has extracted the preceding description block directly from the...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999
Exploits: 19 | References: 2

Tenable Nessus
added 2023/10/18 12:0 a.m. | 123 views

Jenkins LTS < 2.414.3 / Jenkins weekly < 2.428 Multiple Vulnerabilities

According to its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.414.3 or Jenkins weekly prior to 2.428. It is, therefore, affected by multiple vulnerabilities: - Eclipse Jetty provides a web server and servlet container. In...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 20 | References: 3

AlmaLinux
added 2023/10/18 12:0 a.m. | 56 views

Important: nghttp2 security update

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the security issues, including the impact, a CV...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 4

AlmaLinux
added 2023/10/18 12:0 a.m. | 94 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 6

AlmaLinux
added 2023/10/18 12:0 a.m. | 65 views

Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 nodejs: integrity checks according t...

CVSS 7.5 | AI score 7.9 | EPSS 0.99999
Exploits: 19 | References: 10

OSV
added 2023/10/18 12:0 a.m. | 35 views

ALSA-2023:5838 Important: nghttp2 security update

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 HTTP/2 protocol in C. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the security issues, including the impact, a CV...

CVSS 7.5 | AI score 8.3 | EPSS 0.99999
Exploits: 19 | References: 4

Tenable Nessus
added 2023/10/18 12:0 a.m. | 39 views

Oracle Linux 9 : dotnet6.0 (ELSA-2023-5708)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5708 advisory. 6.0.123-1.0.1 - Update to .NET SDK 6.0.123 and Runtime 6.0.23 - Resolves: RHEL-11696 Tenable has extracted the preceding description block directly from the...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999
Exploits: 19 | References: 2

AlmaLinux
added 2023/10/18 12:0 a.m. | 46 views

Important: nghttp2 security update

nghttp2 contains the Hypertext Transfer Protocol version 2 HTTP/2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits: 19 | References: 4