RHEL 8 : kernel (RHSA-2024:0575)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0575 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: bpf: Incorrect verifier...
10CVSS
9.4AI Score
EPSS
RHEL 8 : kernel (RHSA-2023:7557)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7557 advisory. kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178) hw: amd: Cross-Process Information Leak (CVE-2023-20593) Note...
8.8CVSS
8.1AI Score
0.024EPSS
RHEL 8 : kernel (RHSA-2023:7549)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7549 advisory. kernel: use-after-free due to race condition occurring in dvb_register_device() (CVE-2022-45884) kernel: use-after-free due to race...
10CVSS
9.2AI Score
0.024EPSS
CVE-2022-36946 Reported-by: Domingo Dirutigliano and Nicola...
7.5CVSS
8AI Score
0.009EPSS
RHEL 9 : kernel (RHSA-2024:0461)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0461 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: tun: bugs for oversize...
8.8CVSS
9.1AI Score
0.024EPSS
RHEL 8 : kernel (RHSA-2024:0412)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0412 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: bpf: Incorrect verifier...
10CVSS
9.6AI Score
EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.5AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the...
6CVSS
5.9AI Score
0.0004EPSS
RHEL 6 : kernel (RHSA-2019:0415)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
7.8CVSS
6.8AI Score
0.0004EPSS
RHEL 9 : kernel (RHSA-2024:0432)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0432 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel:...
8.8CVSS
8.6AI Score
0.024EPSS
AlmaLinux 8 : kernel (ALSA-2023:7549)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7549 advisory. An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device...
10CVSS
9.1AI Score
0.024EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
NodeBB XML-RPC Request xmlrpc.php - XML Injection
A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC...
9.8CVSS
9.9AI Score
0.287EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.2AI Score
RHEL 8 : kernel (RHSA-2024:2621)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2621 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use after free flaw in...
8.8CVSS
7.9AI Score
0.002EPSS
7.3AI Score
0.0004EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
RHEL 9 : kernel (RHSA-2024:1250)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1250 advisory. Security Fix(es): * kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192) * kernel: nfp: use-after-free in area_cache_get()...
10CVSS
8.8AI Score
0.001EPSS
7.7AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
RHEL 9 : kernel (RHSA-2024:3855)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3855 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SVM: improper check...
7.8CVSS
7.7AI Score
0.001EPSS
TIBCO JasperReports Library - Directory Traversal
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...
6.5CVSS
6.6AI Score
0.503EPSS
Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web...
8.1CVSS
7.3AI Score
0.002EPSS
GaussDB Kernel: Enabling the Separation of Duties
If the parameter enableSeparationOfDuty is set to on, the separation of duties is enabled to control system administrator permissions. In this mode, system administrators cannot create or modify user configurations or access data in private...
7.2AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS. This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through...
5.8CVSS
6AI Score
0.0004EPSS
RHEL 7 : kernel-rt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645) An issue...
7.5CVSS
6.7AI Score
EPSS
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has....
6.7AI Score
0.0004EPSS
WordPress Sell Media 2.4.1 - Cross-Site Scripting
WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search...
6.1CVSS
5.9AI Score
0.001EPSS
RHEL 7 : kernel-alt (RHSA-2019:0162)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0162 advisory. kernel: Heap-based buffer overflow in fs/ext4/xattr.c:ext4_xattr_set_entry() with crafted ext4 image (CVE-2018-10840) Note that Nessus has not...
6.6CVSS
8AI Score
0.001EPSS
RHEL 7 : kernel-rt (RHSA-2019:0188)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0188 advisory. kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559) Note that Nessus has not tested for this issue but has...
8.1CVSS
7.9AI Score
0.012EPSS
Moderate: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit...
6.5CVSS
6.5AI Score
EPSS
RHEL 8 : kernel (RHSA-2024:3859)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3859 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: KVM: SEV-ES / SEV-SNP...
5.6CVSS
8.1AI Score
0.001EPSS
7.8CVSS
7.2AI Score
0.0004EPSS
7.8CVSS
7.2AI Score
0.0004EPSS
CVE-2021-46911 ch_ktls: Fix kernel panic
In the Linux kernel, the following vulnerability has been resolved: ch_ktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take tx_ctx lock for the complete skb transmit, to avoid page cleanup if ACK received in...
6.7AI Score
0.0004EPSS
7.8CVSS
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floating point exceptions and trap instructions (for debugging) among others. There is a bug where the trap.....
6.8AI Score
0.0004EPSS
Rocky Linux 8 : kernel (RLSA-2022:7683)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7683 advisory. An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
7.8CVSS
8.5AI Score
0.01EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.3AI Score
CentOS 7 : kernel (CESA-2019:0512)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
7.8CVSS
7.7AI Score
0.001EPSS
Amazon Linux 2 : kernel (ALAS-2024-2549)
The version of kernel installed on the remote host is prior to 4.14.343-259.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2549 advisory. 2024-06-19: CVE-2023-46838 was added to this advisory. 2024-06-06: CVE-2023-52486 was added to this advisory. ...
7.8CVSS
7.6AI Score
0.001EPSS
Amazon Linux 2 : kernel (ALAS-2024-2569)
The version of kernel installed on the remote host is prior to 4.14.276-211.499. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2569 advisory. 2024-06-19: CVE-2022-1011 was added to this advisory. 2024-06-19: CVE-2022-1353 was added to this advisory. ...
7.8CVSS
8.3AI Score
0.0004EPSS