Lucene search
+L

294 matches found

OpenVAS
OpenVAS
added 2025/01/13 12:0 a.m.3 views

Debian: Security Advisory (DLA-4010-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.4 views

Mozilla Firefox SEoL (17.x)

According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.5 views

Mozilla Firefox SEoL (99.x)

According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.4 views

Mozilla Firefox SEoL (15.x)

According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.2 views

Mozilla Firefox SEoL (77.x)

According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.3 views

Mozilla Firefox SEoL (79.x)

According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...

5.6AI score
Exploits0References1
NVD
NVD
added 2024/12/18 8:15 p.m.23 views

CVE-2024-52590

Misskey is an open source, federated social media platform. In affected versions missing validation in ApRequestService.signedGet allows an attacker to create fake user profiles that appear to be from a different instance than the one where they actually exist. These profiles can be used to...

8.8CVSS0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 6:0 p.m.23 views

CVE-2024-55890 D-Tale allows Remote Code Execution through the Custom Filter Input

D-Tale is a visualizer for pandas data structures. Prior to version 3.16.1, users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.16.1 where the update-settings endpoint blocks the ability...

6.9CVSS0.01063EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49896)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49896 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before...

5.5CVSS6.2AI score0.00263EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/12/05 10:45 p.m.15 views

CVE-2024-52798

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...

8.7CVSS6.5AI score0.00792EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/03 12:0 a.m.17 views

Google Chrome < 131.0.6778.108 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 131.0.6778.108. It is, therefore, affected by a vulnerability as referenced in the 202412stable-channel-update-for-desktop advisory. - Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacke...

8.8CVSS8.6AI score0.00862EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/13 12:0 a.m.15 views

Mozilla Thunderbird < 128.4.3

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.4.3. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-61 advisory. - Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. CVE-2024-11159 Note...

5.3CVSS6.9AI score0.003EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2024/08/06 12:0 a.m.22 views

KLA71412 OSI vulnerability in Microsoft Office

Information disclosure vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-38206 CVE list CVE-2024-38206 critical Solution Install necessary updates from the KB section, that are listed in your...

8.5CVSS6.3AI score0.12341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.65 views

Amazon Linux 2 : httpd (ALAS-2024-2594)

The version of httpd installed on the remote host is prior to 2.4.61-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2594 advisory. Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sen...

9.8CVSS8.1AI score0.99957EPSS
Exploits2References16
Amazon
Amazon
added 2024/07/22 12:0 a.m.26 views

Medium: php8.1

Issue Overview: The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...

5.9CVSS7.3AI score0.12117EPSS
Exploits2
Citrix
Citrix
added 2024/07/13 12:0 a.m.7 views

Session Appears Down in XenApp Farm and Csrss.exe Process Remains Active in Session

Session appears in astate in the XenApp farm. Csrss.exe process remains active in the session. This generally means that the session had problems on logoff and remains hung until it is manually terminated or the server is restarted. Additionally, if the server has sessions in this state and is...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.8 views

SUSE Enterprise Linux SEoL (10.3.x)

According to its version, SUSE Enterprise Linux is 10.3.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 809...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.8 views

openSUSE SEoL (15.2.x)

According to its version, openSUSE is 15.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...

5.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.8 views

PT-2024-11988 · Mainwp · Mainwp Mainwp Updraftplus Extension

Name of the Vulnerable Software and Affected Versions: MainWP MainWP UpdraftPlus Extension versions 4.0.6 and earlier Description: The issue is related to a Missing Authorization vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide o...

8.8CVSS6.9AI score0.00293EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/31 8:44 p.m.17 views

CVE-2024-34008 moodle: CSRF risk in analytics management of models

Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk...

6.7AI score0.00318EPSS
Exploits0References1
Rows per page
Query Builder