EUVD-2024-46269

Malicious code in bioql PyPI...

EUVD-2024-46268

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-52337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequenc...

TencentOS Server 2: tuned (TSSA-2024:1049)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1049 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

NewStart CGSL MAIN 7.02 : tuned Vulnerability (NS-SA-2025-0073)

The remote NewStart CGSL host, running version MAIN 7.02, has tuned packages installed that are affected by a vulnerability: - A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication...

Fedora: Security Advisory (FEDORA-2024-e457d67157)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Alibaba Cloud Linux 3 : 0279: tuned (ALINUX3-SA-2024:0279)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0279 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-52337: A log spoofing flaw was found in th...

tuned security update

An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tuned packages provide a service that tunes system settings according to a...

RockyLinux 8 : tuned (RLSA-2024:11161)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

tuned security update

An update is available for tuned. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tuned packages provide a service that tunes system settings according to a...

tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

Important: Red Hat Security Advisory: tuned security update

An update for tuned is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method

A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...

tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

RHEL 9 : tuned (RHSA-2025:0879)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0879 advisory. The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitizatio...

Moderate: Red Hat Security Advisory: tuned security update

An update for tuned is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

CVE-2024-52336 affecting package tuned for versions less than 2.21.0-2

CVE-2024-52336 affecting package tuned for versions less than 2.21.0-2. A patched version of the package is available...

CVE-2024-52337 affecting package tuned for versions less than 2.21.0-2

CVE-2024-52337 affecting package tuned for versions less than 2.21.0-2. A patched version of the package is available...

OPENSUSE-SU-2024:14605-1 tuned-2.24.1.0+git.90c24ee-1.1 on GA media

These are all security issues fixed in the tuned-2.24.1.0+git.90c24ee-1.1 package on the GA media of openSUSE Tumbleweed...

CBL Mariner 2.0 Security Update: tuned (CVE-2024-52337)

The version of tuned installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52337 advisory. - A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This...