Lucene search
K

87 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 5 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

8AI score0.02663EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.16 views

RHEL 6 : rpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rpm: Following symlinks to directories when installing packages allows privilege escalation CVE-2017-7500...

8.1AI score0.01706EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.31 views

SUSE SLED15: python3-rpm / python311-rpm / rpm / rpm-32bit / rpm-build / etc (SUSE-SU-2024:1557-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1557-1 advisory. Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking bsc1191175 Other fixes: ...

4.7CVSS6.8AI score0.00302EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.25 views

Rocky Linux 8 : rpm (RLSA-2022:0368)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0368 advisory. - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a binding signature. RPM does not check the binding...

4.7CVSS6.4AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2023/06/26 10:15 p.m.35 views

CVE-2023-34146

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

7.8CVSS7.7AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2023/06/26 10:15 p.m.5 views

CVE-2023-34146

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

7.8CVSS7.3AI score0.00234EPSS
Exploits0References2
Prion
Prion
added 2023/06/26 10:15 p.m.17 views

Design/Logic Flaw

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

4.3CVSS7.7AI score0.00234EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/26 10:15 p.m.21 views

Design/Logic Flaw

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

4.3CVSS7.7AI score0.00234EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/26 10:15 p.m.21 views

Design/Logic Flaw

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

4.3CVSS7.7AI score0.00234EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/26 9:58 p.m.27 views

CVE-2023-34148

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

8AI score0.00234EPSS
Exploits0References2
CVE
CVE
added 2023/06/26 9:58 p.m.69 views

CVE-2023-34148

Overview. The CVE concerns Trend Micro Apex One and Apex One as a Service security agent, described as an exposed dangerous function vulnerability that could enable a local attacker to escalate privileges and write an arbitrary value to specific agent subkeys. The threat requires the attacker to ...

7.8CVSS7.6AI score0.00234EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/26 9:58 p.m.22 views

CVE-2023-34147

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

8AI score0.00234EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/26 9:58 p.m.13 views

CVE-2023-34147

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

6.8AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/26 9:58 p.m.32 views

CVE-2023-34146

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

8AI score0.00234EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/26 9:58 p.m.10 views

CVE-2023-34146

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

6.8AI score0.00234EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.35 views

EulerOS Virtualization 3.0.6.0 : rpm (EulerOS-SA-2023-2230)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a 'binding signature.' RPM...

4.7CVSS6.4AI score0.00302EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/12 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-2230)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS6.2AI score0.00302EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.6 views

SUSE CVE-2021-3521

There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to...

4.4CVSS6.7AI score0.00302EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.36 views

EulerOS 2.0 SP8 : rpm (EulerOS-SA-2023-1335)

According to the versions of the rpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a 'binding signature.' RPM does not check t...

4.7CVSS6.4AI score0.00302EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/01 12:0 a.m.32 views

FreeBSD : rpm4 -- Multiple Vulnerabilities (0c52abde-717b-11ed-98ca-40b034429ecf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0c52abde-717b-11ed-98ca-40b034429ecf advisory. - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a...

6.7CVSS6.3AI score0.00491EPSS
Exploits2References4
Rows per page
Query Builder