Lucene search
K

170 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.36 views

RHEL 9 : firefox (RHSA-2023:0809)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0809 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS7.6AI score0.00737EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.31 views

RHEL 8 : thunderbird (RHSA-2023:0821)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0821 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00737EPSS
Exploits0References26
SUSE CVE
SUSE CVE
added 2023/02/17 2:5 a.m.2 views

SUSE CVE-2023-25739

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS6.5AI score0.00682EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2023/02/16 9:31 a.m.25 views

CVE-2023-25739

The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...

8.8CVSS1.6AI score0.00682EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/02/15 12:0 a.m.30 views

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-045-01)

The version of mozilla-firefox installed on the remote host is prior to 102.8.0esr / 110.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-045-01 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory...

8.8CVSS7.8AI score0.00817EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.2 views

kernel: scsi: qla2xxx: Fix crash during module load unload test

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the following stack during a...

5.5CVSS6.3AI score0.00273EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2022/11/15 12:0 a.m.52 views

Unbreakable Enterprise kernel security update

5.4.17-2136.313.6 - Uninitialized variable imageext in fixupvdsoexception of extable.c Alok Tiwari Orabug: 33000550 - NFSD: fix use-after-free on source server when doing inter-server copy Dai Ngo Orabug: 34475857 - EDAC/mceamd: Do not load edacmceamd module on guests Smita Koralahalli Orabug:...

7CVSS8.2AI score0.002EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.4 views

kernel: scsi: qla2xxx: Fix crash during module load unload test

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the following stack during a...

5.5CVSS6.3AI score0.00273EPSS
Exploits0References5
OSV
OSV
added 2022/10/14 7:56 a.m.8 views

SUSE-SU-2022:3587-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking bnc1203769. - CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c...

7.8CVSS7.1AI score0.01429EPSS
Exploits4References28
Rockylinux
Rockylinux
added 2022/05/17 7:17 a.m.13 views

new packages: perl-Module-Load-Conditional

An update is available for perl-Module-Load-Conditional. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2022/05/17 7:17 a.m.13 views

new packages: perl-Module-Load

An update is available for perl-Module-Load. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:23 p.m.8 views

GSD-2022-1001555 bpf: Fix UAF due to race between btf_try_get_module and load_module

bpf: Fix UAF due to race between btftrygetmodule and loadmodule This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:14 p.m.6 views

GSD-2022-1001450 scsi: qla2xxx: Fix crash during module load unload test

scsi: qla2xxx: Fix crash during module load unload test This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/04/24 8:47 p.m.8 views

GSD-2022-1001128 scsi: qla2xxx: Fix crash during module load unload test

scsi: qla2xxx: Fix crash during module load unload test This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.2AI score0.06207EPSS
Exploits0References6
OSV
OSV
added 2021/07/07 1:15 a.m.6 views

AZL-6570 CVE-2021-35039 affecting package kernel for versions less than 5.10.78.1-1

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIGMODULESIG, verification that a kernel module is signed, for loading via initmodule, does not occur for a module.sigenforce=1 command-line argument...

7.8CVSS6.6AI score0.00246EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/11/04 12:53 a.m.4 views

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

5.5CVSS6.8AI score0.00477EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2020/11/03 12:31 p.m.16 views

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

1.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.4 views

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

5.5CVSS6.8AI score0.00477EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 7:0 p.m.3 views

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

5.5CVSS6.8AI score0.00477EPSS
Exploits0References4
Rows per page
Query Builder