131 matches found
ROOT-OS-DEBIAN-11-CVE-2024-36914 CVE-2024-36914 in rootio-linux - Patched by Root
Root has patched CVE-2024-36914 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
Apache ActiveMQ 6.x < 6.1.2 - Broken Access Control
Apache ActiveMQ 6.x contains an unauthenticated API web context caused by default configuration lacking security measures in the Jetty server, letting anyone interact with broker APIs and messaging layers, exploit requires no authentication. id: CVE-2024-32114 info: name: Apache ActiveMQ 6.x 6.1....
WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. id: CVE-2024-39646 info: name: WordPress Custom 404 Pro = 3.11.1 - Reflected XSS...
RHCOS 4 : OpenShift Container Platform 4.13.46 (RHSA-2024:4848)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4848 advisory. - gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization CVE-2024-37298 Note that Nessus has not tested for...
RHCOS 4 : OpenShift Container Platform 4.14.23 (RHSA-2024:2054)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2054 advisory. - kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin CVE-2024-3177 -...
RHCOS 4 : OpenShift Container Platform 4.13.40 (RHSA-2024:1763)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1763 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Note that Nessus has not tested for this iss...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-4027 Source advisory: SNYK:JAVA-IOUNDERTOW-15166617...
Azure Linux 3.0 Security Update: javapackages-bootstrap (CVE-2024-25710)
The version of javapackages-bootstrap installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25710 advisory. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42243)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42243 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER...
Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-8088)
The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49986)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49986 advisory. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix u...
Azure Linux 3.0 Security Update: kernel (CVE-2024-39494)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39494 advisory. - In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's...
Azure Linux 3.0 Security Update: kernel (CVE-2024-43891)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43891 advisory. - In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47751)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47751 advisory. - In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in...
MiracleLinux 8 : python3.11-3.11.7-1.el8.ML.1 (AXSA:2024-8274:09)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8274:09 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...
MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description...
MiracleLinux 8 : python-dns-1.15.0-12.el8 (AXSA:2024-8211:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8211:01 advisory. dnspython: denial of service in stub resolver CVE-2023-29483 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MiracleLinux 9 : containernetworking-plugins-1.4.0-2.el9 (AXSA:2024-7953:01)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7953:01 advisory. golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326 golang: crypto/tls: Timing Side Channel...
MiracleLinux 8 : NetworkManager-libreswan-1.2.10-7.el8_10 (AXSA:2024-8943:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8943:06 advisory. NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : mingw-glib2-2.78.6-1.el9 (AXSA:2024-9231:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9231:02 advisory. glib2: Signal subscription vulnerabilities CVE-2024-34397 Tenable has extracted the preceding description block directly from the MiracleLinux security...