Google Chrome < 124.0.6367.207 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 124.0.6367.207. It is, therefore, affected by a vulnerability as referenced in the 202405stable-channel-update-for-desktop13 advisory. - Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote...

RHEL 7 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Mozilla: Malicious Extension could obtain auth codes from OAuth login flows CVE-2020-6823 - An error occu...

RHEL 8 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: use-after-free in pastetokens in asm/preproc.c CVE-2019-8343 - NASM nasm-2.13.03 nasm- 2.14rc15...

Fedora 39 : stb (2024-4c8d4cda0d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4c8d4cda0d advisory. Security fix for CVE-2023-45681 / CVE-2023-47212 Tenable has extracted the preceding description block directly from the Fedora security advisory...

RHEL 9 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges...

Fedora 38 : stb (2024-5e5d8c2581)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5e5d8c2581 advisory. Security fix for CVE-2023-45681 / CVE-2023-47212 Tenable has extracted the preceding description block directly from the Fedora security advisory...

VulnCheck KEV: CVE-2024-4761

Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera...

Fedora 40 : libwebp (2023-d5faede1d6)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-d5faede1d6 advisory. Automatic update for libwebp-1.3.1-3.fc40. Changelog Wed Sep 13 2023 Boudhayan Bhattacharya - 1.3.1-3 - Add patch for CVE-2023-4863 ref rhbz2238543 Tenable h...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libldb Vulnerability (NS-SA-2024-0010)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libldb packages installed that are affected by a vulnerability: - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash o...

The vulnerability of the Simcenter Femap simulation application, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Simcenter Femap simulation application lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created Catia MODEL file...

CVE-2024-20848

Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices prior to SMR Apr-2024 Release 1, which stems from an out-of-bounds write when freeing memory...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips, which stems from a missing boundary check issue in the da module, which could result in an out-of-bounds write...

PT-2024-2641 · Dji · Dji Matrice 300 +6

Name of the Vulnerable Software and Affected Versions: DJI Mavic 3 Pro versions prior to v01.01.0300 DJI Mavic 3 versions prior to v01.00.1200 DJI Mavic 3 Classic versions prior to v01.00.0500 DJI Mavic 3 Enterprise versions prior to v07.01.10.03 DJI Matrice 300 versions prior to v57.00.01.00 DJI...

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2024-1401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : libwebp (EulerOS-SA-2024-1429)

According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform a...

EulerOS Virtualization 2.11.1 : libwebp (EulerOS-SA-2024-1401)

According to the versions of the libwebp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform ...

kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

RHEL 8 : kpatch-patch (RHSA-2024:1368)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1368 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...