Lucene search
+L

2099 matches found

nessus
nessus
added 2025/08/12 12:0 a.m.3 views

Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse

According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...

9.1CVSS5.5AI score0.00466EPSS
Exploits0References2
nessus
nessus
added 2025/08/12 12:0 a.m.7 views

Security Updates for Microsoft Exchange Server (August 2025)

The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities as referenced in the August, 2025 security bulletin. - Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an...

7.5CVSS5.9AI score0.01315EPSS
Exploits0References8
nessus
nessus
added 2025/08/12 12:0 a.m.11 views

KB5063880: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (August 2025)

The remote Windows host is missing security update 5063880 or hot patch 5063812. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows...

9.8CVSS9.3AI score0.38176EPSS
Exploits5References57
nessus
nessus
added 2025/08/12 12:0 a.m.6 views

Adobe FrameMaker 2020 < 16.0.9 (2020.0.9) / Adobe FrameMaker 2022 < 17.0.7 (2022.0.7) Multiple Vulnerabilities (APSB25-83)

The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.9 / Adobe FrameMaker 2022 17.0.7. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-83 advisory. - Use After Free CWE-416 potentially leading to Arbitrary...

7.8CVSS6.2AI score0.0023EPSS
Exploits0References6
nessus
nessus
added 2025/08/12 12:0 a.m.7 views

Jenkins ssh-slave Docker Image SSH Host Key Reuse

According to their self-reported version numbers, the jenkins/ssh-slave docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-slave Docker images, SSH host keys are generated on image creation for images based on Debian, causing all...

9.1CVSS5.5AI score0.00466EPSS
Exploits0References2
nessus
nessus
added 2025/08/12 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-50186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ath11k: fix missing skb drop on htctxcompletion error On htctxcompletion error the skb is no...

5.5CVSS5.7AI score0.00205EPSS
Exploits0References3
nessus
nessus
added 2025/08/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-50187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the...

4.7CVSS6AI score0.00135EPSS
Exploits0References3
nessus
nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-52769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU...

7.8CVSS5.8AI score0.00238EPSS
Exploits0References2
nessus
nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-48958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethernet: aeroflex: fix potential skb leak in grethinitrings The grethinitrings function won't free the newly allocated skb when dmamappingerror returns error, ...

5.5CVSS6.7AI score0.00234EPSS
Exploits0References2
nessus
nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-38572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmiinvokehandler Currently, there is no terminator...

7.1CVSS5.6AI score0.00233EPSS
Exploits0References2
nessus
nessus
added 2025/08/09 12:0 a.m.5 views

Fedora 42 : incus (2025-2edb6773ed)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2edb6773ed advisory. New release of Incus. Release information: https://github.com/lxc/incus/releases/tag/v6.15.0 Tenable has extracted the preceding description block...

8.1CVSS5.5AI score0.00202EPSS
Exploits0References3
nessus
nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-23129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: Clear affinity hint before calling ath11kpcicfreeirq in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ...

5.5CVSS6.2AI score0.00163EPSS
Exploits0References4
nessus
nessus
added 2025/08/09 12:0 a.m.4 views

Fedora 41 : incus (2025-83aa12829d)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-83aa12829d advisory. New release of Incus. Release information: https://github.com/lxc/incus/releases/tag/v6.15.0 Tenable has extracted the preceding description block...

8.1CVSS5.5AI score0.00202EPSS
Exploits0References3
nessus
nessus
added 2025/08/08 12:0 a.m.3 views

Oracle Linux 10 : libxml2 (ELSA-2025-13429)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13429 advisory. - Fix CVE-2025-32415 RHEL-100174 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

7.5CVSS6.5AI score0.00559EPSS
Exploits2References3
nessus
nessus
added 2025/08/08 12:0 a.m.5 views

BeyondTrust Privilege Management for Windows < 25.4.270.0 Multiple Vulnerabilities (BT25-05) (BTS25-06)

The version of BeyondTrust Privilege Management for Windows installed on the remote host is prior to 25.4.270.0. It is, therefore, affected by multiple vulnerabilities as referenced in the BT25-05 and BT25-06 advisories: - Prior to version 25.4.270.0, a local authenticated attacker can manipulate...

7.8CVSS6AI score0.00158EPSS
Exploits0References4
nessus
nessus
added 2025/08/07 12:0 a.m.8 views

Fedora 42 : yarnpkg (2025-cf39a93e95)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-cf39a93e95 advisory. Apply fixes for CVE-2025-8262 and CVE-2025-7783. Tenable has extracted the preceding description block directly from the Fedora security advisory...

9.4CVSS6.1AI score0.01735EPSS
Exploits2References3
packetstorm
packetstorm
added 2025/06/30 12:0 a.m.100 views

📄 Hecate PC Remote Control 1.6.1.0 Remote Code Execution

Hecate PC Remote Control version 1.6.1.0 listens on UDP port 48436 and accepts unauthenticated JSON commands for keyboard and mouse input. This lack of authentication allows a remote attacker to simulate user interaction, open system dialogs, and execute arbitrary commands. Exploit Title: Hecate ...

8.7AI score
Exploits0
astralinux
astralinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcing the SMM mode to remain active during SHUTDOWN interception Previously, the commit ed129ec9057f “KVM: x86: forcing the nested mode to remain active during vCPU reset” addressed an issue where a triple fault...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References3
nessus
nessus
added 2025/06/04 12:0 a.m.10 views

Oracle Linux 9 : nodejs:22 (ELSA-2025-8467)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8467 advisory. nodejs 1:22.16.0-1 - Update to 22.16.0 Resolves: RHEL-89600 RHEL-92872 RHEL-92420 Tenable has extracted the preceding description block directly from the Oracle...

7.5CVSS7.8AI score0.00763EPSS
Exploits0References2
osv
osv
added 2025/05/16 11:15 a.m.5 views

CVE-2025-40630

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...

6.1CVSS5.7AI score0.00425EPSS
Exploits0References1
Rows per page
Query Builder