Debian DSA-4365-1 : tmpreaper - security update
Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege...
CVSS: 7 | AI Score: 6.7 | EPSS: 0.0004
Debian DSA-4364-1 : ruby-loofah - security update
It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG...
CVSS: 5.4 | AI Score: 5.9 | EPSS: 0.001
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...
CVSS: 8.8 | AI Score: 8.7 | EPSS: 0.024
Debian DSA-4380-1 : golang-1.8 - security update
A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...
CVSS: 8.8 | AI Score: 7.8 | EPSS: 0.379
Debian DSA-4375-1 : spice - security update
Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary...
CVSS: 7.5 | AI Score: 7.8 | EPSS: 0.003
Slackware 14.0 / 14.1 / 14.2 : zsh (SSA:2019-013-01)
New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security...
CVSS: 7.8 | AI Score: 7.2 | EPSS: 0.007
Debian DLA-1631-1 : libcaca security update
Several vulnerabilities were discovered in libcaca, a graphics library that outputs text: integer overflows, floating point exceptions or invalid memory reads may lead to a denial of service (application crash) if a malformed image file is processed. For Debian 8 'Jessie', these problems have been....
CVSS: 8.8 | AI Score: 8.5 | EPSS: 0.003
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is...
AI Score: 6.1 | EPSS: 0.0004
Debian DSA-4382-1 : rssh - security update
Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...
CVSS: 9.8 | AI Score: 9.8 | EPSS: 0.019
Researchers Expose Security Flaw in Internet-Ready HDTVs
Researchers at Mocana, a security technology firm in San Francisco, recently demonstrated the ease with which they could hack into a popular Internet-ready HDTV model. They exploited a vulnerability in the software that displays websites on the TV, allowing them to control the information sent to.....
AI Score: 7.2
Debian DSA-4363-1 : python-django - security update
It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development...
CVSS: 6.5 | AI Score: 6.7 | EPSS: 0.006
Debian DLA-1640-1 : tmpreaper security update
It was discovered that tmpreaper, a program that cleans up files in directories based on their age, is vulnerable to a race condition. This vulnerability might be exploited by local attackers to perform privilege escalation. For Debian 8 'Jessie', this problem has been fixed in version...
CVSS: 7 | AI Score: 6.7 | EPSS: 0.0004
Debian DLA-1636-1 : aria2 security update
It was discovered that aria2 (the lightweight command-line download utility) can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information by reading this file. For Debian 8 'Jessie', this problem has been fixed in version....
CVSS: 7.8 | AI Score: 7.3 | EPSS: 0.0004
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
CVSS: 9.3 | AI Score: 9.2 | EPSS: 0.0004
Debian DSA-4399-1 : ikiwiki - security update
Joey Hess discovered that the aggregate plugin of the Ikiwiki wiki compiler was susceptible to server-side request forgery, resulting in information disclosure or denial of...
CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.003
Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)
The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...
CVSS: 7.5 | AI Score: 7.7 | EPSS: 0.001
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent...
AI Score: 7.6
How implementing a trust fabric strengthens identity and network
The identity security landscape is transforming rapidly. Every digital experience and interaction is an opportunity for people to connect, share, and collaborate. But first, we need to know we can trust those digital experiences and interactions. Customers note a massive rise in the sheer number...
AI Score: 7
Ubuntu 20.04 LTS / 22.04 LTS : matio vulnerability (USN-6829-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6829-1 advisory. It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. ...
CVSS: 5.5 | AI Score: 5.7 | EPSS: 0.001
Debian DLA-1656-1 : agg security update
A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the desmume and exactimage packages were rebuilt against the latest security update. For...
CVSS: 8.8 | AI Score: 9 | EPSS: 0.003
Managed Detection and Response in 2023
Managed Detection and Response in 2023 (PDF) Alongside other security solutions, we provide Kaspersky Managed Detection and Response (MDR) to organizations worldwide, delivering expert monitoring and incident response 24/7. The task involves collecting telemetry for analysis by both...
AI Score: 7
The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....
CVSS: 6.4 | AI Score: 5.7 | EPSS: 0.0004
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_alloc() accesses the.....
AI Score: 6.5 | EPSS: 0.0004