Lucene search

10065 matches found

Positive Technologies
added 2025/08/27 12:0 a.m., 6 views

PT-2025-44139

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the tty subsystem, specifically in the n_gsm component. The issue arises from the potential to block the input queue while waiting for a Modem...

CVSS 6 | AI score 5.9 | EPSS 0.00183 | Exploits 0

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-9764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname...

CVSS 7.4 | AI score 7.2 | EPSS 0.00605 | Exploits 1 | References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-11873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a craft...

CVSS 9.8 | AI score 9 | EPSS 0.08777 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-25638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00618 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-12219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid...

CVSS 8.8 | AI score 7.6 | EPSS 0.02001 | Exploits 1 | References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-30004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. CVE-2021-3000...

CVSS 5.3 | AI score 6.1 | EPSS 0.01669 | Exploits 0 | References 2

SUSE CVE
added 2025/08/26 11:26 p.m., 3 views

SUSE CVE-2024-58239

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial process_rx_list gave us non-DATA. If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list copies the non-DATA record -...

CVSS 7 | AI score 6.5 | EPSS 0.00175 | Exploits 2 | References 35

OSV
added 2025/08/26 9:47 p.m., 8 views

USN-7719-1 linux-raspi-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

CVSS 7.8 | AI score 6.5 | EPSS 0.13626 | Exploits 1 | References 73

RedHat Linux
added 2025/08/26 3:51 p.m., 4 views

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy. The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between customer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

CVSS 7.8 | AI score 6.7 | EPSS 0.00527 | Exploits 4 | References 4

RedHat Linux
added 2025/08/26 10:28 a.m., 4 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

CVSS 7.8 | AI score 6.8 | EPSS 0.00152 | Exploits 0 | References 5

Positive Technologies
added 2025/08/26 12:0 a.m., 5 views

PT-2025-34800 · Ipfire · Ipfire

Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The DNS management interface dns.cgi in IPFire fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters. This results in a reflected cross-site scripting (XSS)...

CVSS 6.1 | AI score 6.1 | EPSS 0.00213 | Exploits 1 | References 6

Tenable Nessus
added 2025/08/26 12:0 a.m., 3 views

Fedora 41 : python3-docs / python3.13 (2025-62fe746ed0)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-62fe746ed0 advisory. Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: - gh-137583:...

CVSS 7.5 | AI score 7 | EPSS 0.00611 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/26 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-27782

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps...

CVSS 7.5 | AI score 6.5 | EPSS 0.02596 | Exploits 1 | References 2

Tenable Nessus
added 2025/08/26 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-12872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP...

CVSS 5.5 | AI score 6.5 | EPSS 0.00393 | Exploits 1 | References 2

RedHat Linux
added 2025/08/25 12:18 p.m., 7 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

CVSS 7.8 | AI score 6.8 | EPSS 0.00152 | Exploits 0 | References 5

Tenable Nessus
added 2025/08/25 12:0 a.m., 4 views

Ubuntu 22.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7712-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7712-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVSS 9.8 | AI score 6.3 | EPSS 0.01483 | Exploits 3 | References 171

Tenable Nessus
added 2025/08/24 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2016-10937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. CVE-2016-10937 Note that Nessus relies on the presence of the package as reporte...

CVSS 7.5 | AI score 7.3 | EPSS 0.00946 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/24 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-9872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial ...

CVSS 7.8 | AI score 7.9 | EPSS 0.0979 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/24 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-15522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration...

CVSS 9.8 | AI score 6.8 | EPSS 0.01854 | Exploits 0 | References 2

Tenable Nessus
added 2025/08/24 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-12221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in t...

CVSS 6.5 | AI score 6.3 | EPSS 0.01969 | Exploits 1 | References 2