9.8CVSS
9.6AI Score
0.013EPSS
9.8CVSS
8.3AI Score
0.006EPSS
Ubuntu 20.04 LTS / 22.04 LTS : matio vulnerability (USN-6829-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6829-1 advisory. It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. ...
5.5CVSS
5.7AI Score
0.001EPSS
9.8CVSS
9AI Score
0.003EPSS
5.5CVSS
6.1AI Score
0.002EPSS
Debian DSA-4380-1 : golang-1.8 - security update
A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...
8.8CVSS
7.8AI Score
0.379EPSS
Arecont Vision AV1355DN MegaDome camera Denial of Service (CVE-2013-0139)
The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
7.1AI Score
0.002EPSS
Debian DSA-4399-1 : ikiwiki - security update
Joey Hess discovered that the aggregate plugin of the Ikiwiki wiki compiler was susceptible to server-side request forgery, resulting in information disclosure or denial of...
7.5CVSS
7.4AI Score
0.003EPSS
Debian DLA-1649-1 : spice security update
Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code. For Debian 8 'Jessie', this problem has been fixed in version...
7.5CVSS
7.8AI Score
0.003EPSS
Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2972-1)
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687,.....
9.8CVSS
9.1AI Score
0.49EPSS
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1585)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of...
8.7CVSS
8.1AI Score
0.024EPSS
5.9CVSS
7.1AI Score
0.946EPSS
7.5CVSS
8.1AI Score
0.717EPSS
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1563)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of...
8.7CVSS
8.1AI Score
0.024EPSS
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_alloc() accesses the.....
6.5AI Score
0.0004EPSS
GLSA-202406-05 : JHead: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202406-05 (JHead: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in JHead. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
9.8CVSS
7.5AI Score
0.002EPSS
Debian DLA-1661-1 : mumble security update
It has been found that the mumble-server mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood. With the new security update a rate limiter is added with Leaky-Bucket...
7.5CVSS
7.4AI Score
0.036EPSS
The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post...
5.3CVSS
5.4AI Score
0.0004EPSS
7.5CVSS
6.8AI Score
0.955EPSS
9.8CVSS
9.8AI Score
0.008EPSS
9.8CVSS
9AI Score
0.003EPSS
7.5CVSS
6.9AI Score
0.006EPSS
7.5CVSS
6.9AI Score
0.006EPSS
OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS...
7.8AI Score
0.0004EPSS
7.5CVSS
6.7AI Score
0.084EPSS
6.5CVSS
8AI Score
0.01EPSS
7.8CVSS
6.8AI Score
0.006EPSS
5.9CVSS
7.1AI Score
0.946EPSS
Ubuntu 16.04 LTS / 18.04 LTS : H2 vulnerabilities (USN-6834-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6834-1 advisory. It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute...
9.8CVSS
10AI Score
0.518EPSS
9.8CVSS
9.2AI Score
0.004EPSS
GLSA-202406-04 : LZ4: Memory Corruption
The remote host is affected by the vulnerability described in GLSA-202406-04 (LZ4: Memory Corruption) An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an...
9.8CVSS
7.1AI Score
0.001EPSS
Slackware Linux 15.0 / current emacs Vulnerability (SSA:2024-174-01)
The version of emacs installed on the remote host is prior to 29.4. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-174-01 advisory. New emacs packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
7.3AI Score
Debian DLA-1692-1 : phpmyadmin security update
An information leak issue was discovered in phpMyAdmin. An attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP configuration. When the AllowArbitraryServer configuration setting is set to false (default), the attacker.....
5.9CVSS
5.8AI Score
0.152EPSS
Debian DLA-1686-1 : freedink-dfarc security update
Sylvain Beucler and Dan Walma discovered several directory traversal issues in DFArc, a frontend and extensions manager for the Dink Smallwood game, allowing an attacker to overwrite arbitrary files on the user's system. For Debian 8 'Jessie', this problem has been fixed in version 3.12-1+deb8u1......
7.5CVSS
7.5AI Score
0.003EPSS
Debian DSA-2929-1 : ruby-actionpack-3.2 - security update
Several vulnerabilities were discovered in Action Pack, a component of Ruby on Rails. CVE-2014-0081 actionview/lib/action_view/helpers/number_helper.rb contains multiple cross-site scripting vulnerabilities CVE-2014-0082 actionpack/lib/action_view/template/text.rb performs ...
6.6AI Score
0.029EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Ruby vulnerabilities (USN-6838-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6838-1 advisory. It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked...
8.1AI Score
EPSS
Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6573-1)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6573-1 advisory. A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num...
8.8CVSS
8.7AI Score
0.024EPSS
Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2019-037-01)
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security...
9.8CVSS
7.6AI Score
0.171EPSS
GLSA-202406-01 : GLib: Privilege Escalation
The remote host is affected by the vulnerability described in GLSA-202406-01 (GLib: Privilege Escalation) A vulnerability has been discovered in GLib. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo...
7.1AI Score
0.0004EPSS
GLSA-202406-03 : RDoc: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202406-03 (RDoc: Remote Code Execution) A vulnerability has been discovered in RDoc. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo...
7.5AI Score
EPSS
5.5CVSS
5.3AI Score
0.001EPSS
6.5CVSS
7.2AI Score
0.006EPSS
9.8CVSS
9.8AI Score
0.39EPSS
8.8CVSS
8.8AI Score
0.379EPSS
7.8CVSS
7.9AI Score
0.001EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6856-1 advisory. It was discovered that FontForge incorrectly handled filenames. If a user or an automated system were ...
7.8AI Score
0.0004EPSS
Slackware 14.2 : openssl (slackware 14.2) (SSA:2019-057-01)
New openssl packages are available for Slackware 14.2 to fix a security...
5.9CVSS
6.6AI Score
0.01EPSS
Debian DLA-1685-1 : drupal7 security update
Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details. Also a possible regression caused by CVE-2019-6339 is fixed. For Debian 8 'Jessie', this problem has been fixed in....
9.8CVSS
8.3AI Score
0.921EPSS
Debian DLA-1668-1 : libarchive security update
Fuzzing found two further file-format specific issues in libarchive, a read-only segfault in 7z, and an infinite loop in ISO9660. CVE-2019-1000019 Out-of-bounds Read vulnerability in 7zip decompression, that can result in a crash (denial of service, CWE-125) CVE-2019-1000020 Vulnerability in...
6.5CVSS
8.3AI Score
0.012EPSS
6.1AI Score
0.001EPSS