Lucene search
K

163 matches found

cbl_mariner
cbl_mariner
added 2025/07/10 3:9 p.m.7 views

CVE-2025-37818 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37818 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS7.2AI score0.00155EPSS
Exploits0
nessus
nessus
added 2025/06/30 12:0 a.m.4 views

EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-1687)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate...

6.1CVSS6.5AI score0.00647EPSS
Exploits0References3
nessus
nessus
added 2025/06/26 12:0 a.m.4 views

Oracle Linux 9 : weldr-client (ELSA-2025-9635)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9635 advisory. 35.12-4 - Bump release for y-stream AND z-stream building using centpkg build --rhel-target=zstream Related: RHEL-89344 35.12-3 - tests: OSTree does not support...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 4:42 a.m.8 views

CVE-2019-17050

An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a software maintainer has suggested a solution in which Compass is switched off in a production environme...

7.2CVSS6.9AI score0.01253EPSS
Exploits0References1
nessus
nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0103: python-pip (ALINUX3-SA-2022:0103)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0103 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-18074: The Requests package befor...

7.5CVSS7.1AI score0.07443EPSS
Exploits4References3
nessus
nessus
added 2025/05/10 12:0 a.m.9 views

Fedora 40 : perl-Compress-Raw-Lzma / xz (2025-4871b31998)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-4871b31998 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...

8.7CVSS6.7AI score0.00647EPSS
Exploits0References2
rocky
rocky
added 2025/05/07 7:13 p.m.4 views

20 module bug fix and enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

7AI score
Exploits0
nessus
nessus
added 2025/05/07 12:0 a.m.9 views

RockyLinux 8 : tuned (RLSA-2024:11161)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

5.5CVSS6.5AI score0.00298EPSS
Exploits0References3
openvas
openvas
added 2025/04/07 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2025:1135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
openvas
openvas
added 2025/04/04 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2025:1101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
ossf
ossf
added 2025/03/28 12:40 p.m.3 views

Malicious code in bifinance-main (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
osv
osv
added 2025/03/21 10:15 p.m.8 views

AZL-59186 CVE-2025-30204 affecting package nmi 1.8.17-6

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5CVSS6.7AI score0.00693EPSS
Exploits0References1
nessus
nessus
added 2025/03/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-49960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which...

7.8CVSS6.8AI score0.00277EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-49698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: use getrandomu32 instead of prandom bh might occur while updating per-cpu rndstat...

7.8CVSS6.1AI score0.0029EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a binding signature. RPM does not check the binding...

4.7CVSS6.6AI score0.00302EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-37174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dumpisomscene function at /mp4box/filedump.c. CVE-2023-37174 No...

5.5CVSS5.6AI score0.00306EPSS
Exploits1References3
nessus
nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-46930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gfisomfindodidfortrack /afltest/gpac/src/isomedia/mediaodf.c:522:14. CVE-2023-46930 Note...

5.5CVSS5.6AI score0.00206EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-24713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caus...

7.5CVSS7.9AI score0.1446EPSS
Exploits1References2
nessus
nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-52795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhostvdpaprobe The putdevice calls vhostvdpareleasedev whi...

7.8CVSS5.6AI score0.00241EPSS
Exploits0References3
nessus
nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-45006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration re-enumerating...

5.5CVSS6.1AI score0.00251EPSS
Exploits0References3
Rows per page
Query Builder