
2768 matches found

OSV
added 2024/12/06 7:3 p.m. · 16 views

SUSE-SU-2024:4256-1 Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcount_inc_not_zero in tcp_twsk_unique (bsc#1225733). - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). - CVE-2021-47598: sch_cake: do not call...

CVSS 9.8 · AI score 8.2 · EPSS 0.01166
Exploits: 2 · References: 51
Vulnrichment
added 2024/12/06 4:36 p.m. · 11 views

CVE-2024-50403 QTS, QuTS hero

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

CVSS 2.1 · AI score 7 · EPSS 0.00456
Exploits: 0 · References: 1
Tenable Nessus
added 2024/12/06 12:0 a.m. · 14 views

Oracle Linux 8 : perl-App-cpanminus:1.7044 (ELSA-2024-10219)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-10219 advisory. - Patch the code to use https instead of http CVE-2024-45321 perl-CPAN-DistnameInfo perl-CPAN-Meta-Check perl-File-pushd perl-Module-CPANfile perl-Parse-PMFile...

CVSS 9.8 · AI score 7.8 · EPSS 0.00737
Exploits: 1 · References: 2
The Hacker News
added 2024/12/04 5:34 a.m. · 9 views

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Veeam has released security updates to address a critical flaw impacting Service Provider Console VSPC that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted...

CVSS 9.9 · AI score 10 · EPSS 0.20057
Exploits: 1
Positive Technologies
added 2024/12/04 12:0 a.m. · 6 views

PT-2024-35143 · Tenda · Tenda Ac6V2

Name of the Vulnerable Software and Affected Versions: Tenda AC6V2 versions through 15.03.06.50 Description: The issue is a stack-based buffer overflow vulnerability in the setDoublePppoeConfig-guest ip check modules of Tenda AC6V2, where the mask argument can cause buffer overflows...

CVSS 9.8 · AI score 6.6 · EPSS 0.00428
Exploits: 0 · References: 7
Tenable Nessus
added 2024/11/28 12:0 a.m. · 13 views

Fedora 41 : mingw-python3 (2024-e6b1e638d1)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e6b1e638d1 advisory. Backport fix for CVE-2024-9287 ---- Update to python-3.11.0. Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 7.8 · AI score 6.9 · EPSS 0.00647
Exploits: 0 · References: 2
CVE
added 2024/11/26 6:37 p.m. · 83 views

CVE-2024-53844

CVE-2024-53844 affects labsai/eddi (EDDI), a middleware for LLM API bots. The vulnerability is a path traversal in the backup export functionality, exploitable via the botFilename parameter in RestExportService.java. Input is not properly sanitized, allowing attackers to access arbitrary files in...

CVSS 6.3 · AI score 6.5 · EPSS 0.00399
Exploits: 0 · References: 2
Tenable Nessus
added 2024/11/21 12:0 a.m. · 17 views

Oracle Linux 9 : python3.12-urllib3 (ELSA-2024-9457)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9457 advisory. 1.26.18-2.1 - Security fix for CVE-2024-37891 Resolves: RHEL-59997 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS 6.5 · AI score 6.7 · EPSS 0.01141
Exploits: 1 · References: 2
Positive Technologies
added 2024/11/20 12:0 a.m. · 3 views

PT-2024-36433 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: The issue concerns a Remote Code Execution vulnerability in the /bin/boa via formWsc. This allows for unauthorized code execution. Recommendations: For TOTOLINK A3002R version...

CVSS 9 · AI score 8.8 · EPSS 0.01138
Exploits: 1 · References: 8
Circl
added 2024/11/17 10:25 a.m. · 4 views

RHSA-2024:1868

creationtimestamp | type | source
---|---|---
2024-11-17 10:25:44+00:00 | seen | https://infosec.exchange/users/cve/statuses/113497810108556154
2025-03-06 15:10:49+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6677
2025-03-26 19:26:07+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8934
...

AI score 4.8
Exploits: 0 · References: 4
Tenable Nessus
added 2024/11/14 12:0 a.m. · 7 views

Fedora 37 : xorg-x11-server (2022-3d88188071)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3d88188071 advisory. Fix buggy patch to CVE-2022-46340 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 8.8 · AI score 7.7 · EPSS 0.02484
Exploits: 0 · References: 2
Tenable Nessus
added 2024/11/14 12:0 a.m. · 9 views

Fedora 41 : aardvark-dns (2024-30ed35ba86)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-30ed35ba86 advisory. Security fix for CVE-2024-8418 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 7.5 · AI score 7.3 · EPSS 0.00759
Exploits: 1 · References: 2
Positive Technologies
added 2024/11/12 12:0 a.m. · 2 views

PT-2024-7874 · Ivanti · Ivanti Endpoint Manager

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 November Security Update or 2022 SU6 November Security Update Description: The issue is related to a SQL injection vulnerability in Ivanti Endpoint Manager. This vulnerability allows a remote...

CVSS 9.8 · AI score 7.8 · EPSS 0.40512
Exploits: 0 · References: 40
OSV
added 2024/11/09 10:14 a.m. · 10 views

CVE-2024-50220 fork: do not invoke uffd on fork if error occurs

In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...

CVSS 4.7 · AI score 6.2 · EPSS 0.00167
Exploits: 0 · References: 6
CBLMariner
added 2024/11/08 9:38 p.m. · 13 views

CVE-2024-2410 affecting package mysql for versions less than 8.0.40-2

CVE-2024-2410 affecting package mysql for versions less than 8.0.40-2. A patched version of the package is available...

CVSS 9.8 · AI score 7.3 · EPSS 0.00332
Exploits: 0
Tenable Nessus
added 2024/11/06 12:0 a.m. · 10 views

Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-8876)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8876 advisory. - Rebase to Go1.22.5 to fix CVE-2024-24791 - Addresses CVEs-2024-24789 and CVE-2024-24790 - Rebase to Go1.22.5 to fix CVE-2024-24791 - Addresses CVEs-2024-24789...

CVSS 9.8 · AI score 7.5 · EPSS 0.01952
Exploits: 0 · References: 2
Positive Technologies
added 2024/11/05 12:0 a.m. · 5 views

PT-2025-11655 · Synology · Synology Application Service +1

Name of the Vulnerable Software and Affected Versions: Synology Replication Service versions prior to 1.0.12-0066, 1.2.2-0353, and 1.3.0-0423 Synology Unified Controller DSMUC versions prior to 3.1.4-23079 Description: The vulnerability is an off-by-one error in the transmission component of...

CVSS 10 · AI score 7.9 · EPSS 0.01337
Exploits: 0 · References: 36
CBLMariner
added 2024/11/01 4:41 p.m. · 19 views

CVE-2024-0553 affecting package gnutls for versions less than 3.7.11-1

CVE-2024-0553 affecting package gnutls for versions less than 3.7.11-1. A patched version of the package is available...

CVSS 7.5 · AI score 8 · EPSS 0.01614
Exploits: 1
CBLMariner
added 2024/11/01 4:41 p.m. · 19 views

CVE-2024-26875 affecting package kernel for versions less than 5.15.167.1-2

CVE-2024-26875 affecting package kernel for versions less than 5.15.167.1-2. A patched version of the package is available...

CVSS 6.4 · AI score 7.2 · EPSS 0.00245
Exploits: 0
CBLMariner
added 2024/11/01 4:41 p.m. · 24 views

CVE-2023-52601 affecting package kernel for versions less than 5.15.167.1-2

CVE-2023-52601 affecting package kernel for versions less than 5.15.167.1-2. A patched version of the package is available...

CVSS 7.8 · AI score 7.2 · EPSS 0.00251
Exploits: 0