9.8CVSS
7.7AI Score
0.004EPSS
Slackware 14.1 / 14.2 : mariadb (SSA:2019-032-01)
New mariadb packages are available for Slackware 14.1 and 14.2 to fix security...
6.5CVSS
6.7AI Score
0.005EPSS
Debian DSA-4375-1 : spice - security update
Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary...
7.5CVSS
7.8AI Score
0.003EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5565-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5565-1 advisory. It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a...
7.8CVSS
7.8AI Score
0.01EPSS
6.1CVSS
6.7AI Score
0.003EPSS
9.8CVSS
9.8AI Score
0.027EPSS
8.8CVSS
8.5AI Score
0.004EPSS
7.8CVSS
6.7AI Score
0.006EPSS
6.5CVSS
7.4AI Score
0.003EPSS
7.5CVSS
7.9AI Score
0.57EPSS
5.3CVSS
5.8AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.39EPSS
9.8CVSS
9AI Score
0.003EPSS
8.6AI Score
0.001EPSS
5.5CVSS
6.1AI Score
0.002EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Netplan regression (USN-6851-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6851-2 advisory. USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl...
8.4AI Score
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...
8.8CVSS
8.7AI Score
0.024EPSS
7.5CVSS
7.7AI Score
0.007EPSS
9.8CVSS
9.8AI Score
0.161EPSS
Debian DSA-4382-1 : rssh - security update
Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...
9.8CVSS
9.8AI Score
0.019EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.3CVSS
9.2AI Score
0.0004EPSS
Debian DLA-1640-1 : tmpreaper security update
It was discovered that tmpreaper, a program that cleans up files in directories based on their age, is vulnerable to a race condition. This vulnerability might be exploited by local attackers to perform privilege escalation. For Debian 8 'Jessie', this problem has been fixed in version...
7CVSS
6.7AI Score
0.0004EPSS
Debian DLA-1636-1 : aria2 security update
It was discovered that aria2 (the lightweight command-line download utility) can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information by reading this file. For Debian 8 'Jessie', this problem has been fixed in version....
7.8CVSS
7.3AI Score
0.0004EPSS
9.8CVSS
8.9AI Score
0.028EPSS
4.7CVSS
6.3AI Score
0.001EPSS
6.5CVSS
7.2AI Score
0.006EPSS
6.5CVSS
7.8AI Score
0.007EPSS
7.5CVSS
7.9AI Score
0.57EPSS
9.8CVSS
9AI Score
0.823EPSS
4.7CVSS
6.3AI Score
0.001EPSS
7.5CVSS
6.6AI Score
0.088EPSS
7.8CVSS
6.7AI Score
0.006EPSS
6.5CVSS
7.4AI Score
0.003EPSS
7.5CVSS
7.8AI Score
0.003EPSS
9.8CVSS
9.6AI Score
0.013EPSS
Debian DSA-4363-1 : python-django - security update
It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development...
6.5CVSS
6.7AI Score
0.006EPSS
Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)
The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...
7.5CVSS
7.7AI Score
0.001EPSS
9.8CVSS
9AI Score
0.003EPSS
9.8CVSS
9.8AI Score
0.008EPSS
7.5CVSS
6.8AI Score
0.955EPSS
The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....
6.4CVSS
5.7AI Score
0.0004EPSS
Debian DSA-4380-1 : golang-1.8 - security update
A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...
8.8CVSS
7.8AI Score
0.379EPSS
Debian DLA-1656-1 : agg security update
A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the desmume and exactimage packages were rebuilt against the latest security update. For...
8.8CVSS
9AI Score
0.003EPSS
8.8CVSS
8.8AI Score
0.379EPSS
7.8CVSS
6.8AI Score
0.032EPSS
9.8CVSS
8.9AI Score
0.028EPSS
7.8CVSS
6.8AI Score
0.032EPSS
9.8CVSS
9.6AI Score
0.013EPSS
KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...
6.8AI Score
Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2972-1)
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687,.....
9.8CVSS
9.1AI Score
0.49EPSS