105 matches found
CVE-2024-7652 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2024-1671 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2024-30490
creationtimestamp| type| source ---|---|--- 2026-02-05 21:02:53+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzfhrgi2k...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...
Azure Linux 3.0 Security Update: kernel (CVE-2024-45019)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45019 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx...
MiracleLinux 9 : grafana-pcp-5.1.1-3.el9_4 (AXSA:2024-8847:06)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8847:06 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
MiracleLinux 7 : xorg-x11-server-1.20.4-29.el7 (AXSA:2024-7672:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7672:03 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...
K000159546: Python vulnerability CVE-2024-5642
Security Advisory Description CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of...
CVE-2024-40593
A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...
CVE-2024-38662
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2024-35939
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
CVE-2024-14015
creationtimestamp| type| source ---|---|--- 2025-11-24 09:52:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6ekjwetoj2k 2026-02-12 21:03:26+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3meovcees4r2s...
Security Bulletin: Security Vulnerability in Requests Library: .netrc Credential Leak Fixed in Version 2.32.4, affects IBM watsonx.data
Summary Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can...
Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-2154)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-43432
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers...
CVE-2024-12972 XSS in Akinsoft's OctoCloud
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting XSS. This issue affects OctoCloud: from s1.09.01 before v1.11.01...
Linux Distros Unpatched Vulnerability : CVE-2024-42244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 USB: serial: use generic method if no alternative is provided in usb serial layer, USB seria...
CVE-2024-8238
creationtimestamp| type| source ---|---|--- 2025-08-11 18:27:49+00:00| seen| MISP/3e4b778d-5810-4171-a915-f1d106684af4...
CVE-2024-49740
creationtimestamp| type| source ---|---|--- 2025-07-30 07:59:24+00:00| seen| https://vulnerability.circl.lu/bundle/9d7fef5d-952d-4ecc-880d-94d02304e7a3...
CVE-2024-31481
creationtimestamp| type| source ---|---|--- 2025-06-24 15:47:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19369...