
4433 matches found

Tenable Nessus
added 2023/05/15 12:0 a.m., 28 views

Oracle Linux 9 : conmon (ELSA-2023-2222)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-2222 advisory. 2:2.1.7-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.7 - Resolves: 2173697 2:2.1.6-1 - update to...

CVSS 5.3, AI score 7, EPSS 0.05623, Exploits 0, References 2

Tenable Nessus
added 2023/05/15 12:0 a.m., 39 views

Oracle Linux 9 : buildah (ELSA-2023-2253)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2253 advisory. - fix CVE-2022-2990 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVSS 7.1, AI score 7.3, EPSS 0.05623, Exploits 2, References 3

Tenable Nessus
added 2023/05/15 12:0 a.m., 33 views

Oracle Linux 9 : skopeo (ELSA-2023-2283)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2283 advisory. 2:1.11.2-0.1 - update to the latest content of https://github.com/containers/skopeo/tree/release-1.11 https://github.com/containers/skopeo/commit/3f987...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/15 12:0 a.m., 43 views

Oracle Linux 9 : containernetworking-plugins (ELSA-2023-2367)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2367 advisory. 1:1.2.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0 - Related: 2124478 Tenable has extracted the preceding...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/15 12:0 a.m., 37 views

Oracle Linux 9 : Image / Builder (ELSA-2023-2204)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2204 advisory. cockpit-composer 45-1.0.1 - Make per page documentation links point to Oracle Linux Orabug: 32013095, Orabug:34398922 45-1 - New upstream release 44-1 ...

CVSS 7.5, AI score 7.3, EPSS 0.05623, Exploits 1, References 6

Tenable Nessus
added 2023/05/15 12:0 a.m., 33 views

Oracle Linux 9 : podman (ELSA-2023-2282)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2282 advisory. - rebuild to fix CVE-2022-30629 - rebuilt with golang = 1.17.5 CVE-2021-44716, CVE-2021-44717 Tenable has extracted the preceding description block...

CVSS 7.5, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/14 12:0 a.m., 30 views

AlmaLinux 9 : skopeo (ALSA-2023:2283)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2283 advisory. - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/14 12:0 a.m., 34 views

AlmaLinux 9 : buildah (ALSA-2023:2253)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2253 advisory. - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/14 12:0 a.m., 35 views

AlmaLinux 9 : toolbox (ALSA-2023:2236)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2236 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5, AI score 7.1, EPSS 0.05623, Exploits 1, References 4

Tenable Nessus
added 2023/05/14 12:0 a.m., 48 views

AlmaLinux 9 : podman (ALSA-2023:2282)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2282 advisory. - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/14 12:0 a.m., 19 views

AlmaLinux 9 : conmon (ALSA-2023:2222)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2222 advisory. - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the...

CVSS 5.3, AI score 7, EPSS 0.05623, Exploits 0, References 2

Tenable Nessus
added 2023/05/14 12:0 a.m., 38 views

AlmaLinux 9 : grafana (ALSA-2023:2167)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2167 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...

CVSS 7.5, AI score 7, EPSS 0.02513, Exploits 1, References 6

Tenable Nessus
added 2023/05/14 12:0 a.m., 44 views

AlmaLinux 9 : containernetworking-plugins (ALSA-2023:2367)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2367 advisory. - Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to...

CVSS 5.3, AI score 7.3, EPSS 0.05623, Exploits 1, References 3

Tenable Nessus
added 2023/05/13 12:0 a.m., 69 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1869)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...

CVSS 7.5, AI score 6.9, EPSS 0.04561, Exploits 0, References 3

Tenable Nessus
added 2023/05/13 12:0 a.m., 36 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-1844)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a...

CVSS 7.5, AI score 6.9, EPSS 0.04561, Exploits 0, References 3

Tenable Nessus
added 2023/05/12 12:0 a.m., 36 views

SUSE SLES12 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:2183-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2183-1 advisory. golang-github-prometheus-alertmanager: - Security issues fixed: CVE-2022-46146: Fix authentication bypass via cache poisoning...

CVSS 8.8, AI score 7, EPSS 0.03931, Exploits 1, References 21

RedHat Linux
added 2023/05/09 10:10 a.m., 38 views

Moderate: Red Hat Security Advisory: conmon security and bug fix update

An update for conmon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 5.3, AI score 6.7, EPSS 0.05623, Exploits 0, References 6

RedHat Linux
added 2023/05/09 9:52 a.m., 3 views

golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests

A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache...

CVSS 5.3, AI score 6.6, EPSS 0.05623, Exploits 0, References 9

RedHat Linux
added 2023/05/09 9:51 a.m., 2 views

golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding

A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests...

CVSS 7.5, AI score 6.6, EPSS 0.04561, Exploits 0, References 11

AlmaLinux
added 2023/05/09 12:0 a.m., 61 views

Moderate: git-lfs security and bug fix update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang:...

CVSS 7.5, AI score 7.2, EPSS 0.05623, Exploits 4, References 22