Amazon Web Services EC2 SSM enumeration
Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all SSM-enabled EC2 instances accessible to the account. Once enumerated as SSM-enabled, the instances can be controlled using out-of-band WebSocket sessions provided by the AWS API (nominally,...
7.1AI Score
Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages qemu - Machine emulator and virtualizer Details USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the...
8.8CVSS
8.3AI Score
0.002EPSS
Issue Overview: A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process....
8.2CVSS
7.5AI Score
0.0004EPSS
[311.2-1.0.1] - Replaced upstream urls in documentation with oracle links [Orabug: 36528753] - Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110] - Remove duplicate reference to server in cockpit [Orabug: 34030494] - Update documentation links [Orabug: 30271413], [Orabug:...
7.3CVSS
7.8AI Score
0.0004EPSS
[310.4-1.0.1] - Update documentation links [Orabug: 34706402] - Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110] - Remove duplicate reference to server in cockpit [Orabug: 33862832] - Update documentation links [Orabug: 32795691] - Make documentation links point to Oracle...
7.3CVSS
6.9AI Score
0.0004EPSS
rhel-system-roles bug fix and enhancement update
An update is available for rhel-system-roles. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky....
6.8AI Score
mdns_service_fuzzer: Heap-use-after-free in MDnsSdListener::Monitor::run
In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.3AI Score
0.0004EPSS
In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7AI Score
EPSS
[Crafted AVRCP cmd packet Causes Out-of-bounds Read in Bluetooth]
In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
6.5CVSS
6.5AI Score
0.001EPSS
In availableToWriteBytes of MessageQueueBase.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7AI Score
EPSS
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is...
9.8CVSS
9.7AI Score
0.001EPSS
[Crafted HFP Client Packet Causes Out-of-bounds Read in Bluetooth]
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
6.5AI Score
0.001EPSS
Security - [Out of Bounds Write in rw_i93_send_to_upper in rw_i93.cc in libnfc-nci]
In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.4AI Score
0.0004EPSS
[Out of Bounds Write in nci_snd_set_routing_cmd in nci_hmsgs.cc in libnfc-nci]
In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
7.8AI Score
0.0005EPSS
[Crafted HFP Client Packet Causes Out-of-bounds Write in Bluetooth]
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.8AI Score
0.001EPSS
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
7.1AI Score
0.0005EPSS
Intent to distrust a CA included in the Chrome Root Store
In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
6.8AI Score
0.001EPSS
In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...
5.5CVSS
6.6AI Score
0.0004EPSS
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5CVSS
8.4AI Score
0.004EPSS
In multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
[Binder MemoryHeapBase] - Need to SEAL file size on memfd mapped region
In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.6AI Score
0.0004EPSS
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5CVSS
9AI Score
0.001EPSS
[Out of Bounds Write in read_attr_value Function in gatt_db.cc in Bluetooth]
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.8AI Score
0.001EPSS
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
5.9CVSS
8.4AI Score
0.002EPSS
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
6.7AI Score
0.0004EPSS
Exploiting BLURtooth [CVE-2020-15802] on a Pixel 6
In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.2AI Score
0.001EPSS
CVE-2023-0286 affecting package cloud-hypervisor 22.0-2
CVE-2023-0286 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.4CVSS
8.4AI Score
0.003EPSS
Summary Potential open redirect vulnerability in VMware Tanzu Spring Framework ( CVE-2024-22243) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
8.1CVSS
6.9AI Score
0.0004EPSS
Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details ** CVEID: CVE-2024-21501 DESCRIPTION: **Node.js sanitize-html module could allow a remote attacker to...
8.8CVSS
9.7AI Score
EPSS
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch...
5.5CVSS
5.8AI Score
0.0004EPSS
cockpit bug fix and enhancement update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16
CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16. No patch is available...
6.5CVSS
7AI Score
0.001EPSS
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
Summary Potentialcode execution vulnerability in Apache Commons Configuration ( CVE-2024-29131) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
8.5AI Score
0.0004EPSS
Summary Potential VMware Tanzu Spring Boot arbitrary denial of service vulnerability (CVE-2023-34053) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details **...
7.5CVSS
7.8AI Score
0.0005EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in libexpat, caused by improper system resource allocation [CVE-2023-52425]. libexpat is included as a Base OS package used by our Speech Services. This vulnerabilitiy has been addressed....
7.5CVSS
6.7AI Score
0.001EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary command execution in Less, caused by a flaw with omitting shell_quote calls for LESSCLOSE in the close_altfile() function in filename.c [CVE-2022-48624]. Less is included as a Base OS package used by....
7AI Score
0.0004EPSS
Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when parsing large DNS messages [CVE-2023-4408]. ISC BIND is included as a Base OS package used by our Service Runtimes. This...
7.5CVSS
6.7AI Score
0.001EPSS
[OOB write in L2CAP Bluetooth stack]
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
7.8AI Score
0.001EPSS
Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-27270). Vulnerability Details ** CVEID: CVE-2024-27270 DESCRIPTION: **IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site...
4.7CVSS
6.4AI Score
0.0004EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...
5.3CVSS
7.6AI Score
EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to phishing attacks in VMware Tanzu Spring Framework, caused by an open redirect vulnerability in UriComponentsBuilder [CVE-2024-22259]. VMware Tanzu Spring Framework is used in our Speech Microservices. This...
8.1CVSS
6.3AI Score
0.0004EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when processing responses coming from specially crafted DNSSEC-signed zones [CVE-2023-50387]. ISC BIND is included as a Base OS package used by our Service...
7.5CVSS
7AI Score
0.05EPSS
Summary Potential code execution vulnerability in Node.js ( CVE-2024-27980) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2024-27980 ...
8.2AI Score
EPSS
Summary Potential vulnerabilities in Node.js related to the VM component ( CVE-2023-44487, CVE-2023-45143 ) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details.....
7.5CVSS
7.6AI Score
0.732EPSS
Summary Potential VMware Tanzu Spring Boot arbitrary denial of service vulnerability (CVE-2023-34053) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details **...
7.5CVSS
7.8AI Score
0.0005EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...
8.3CVSS
10AI Score
0.005EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information exposure in Kubernetes, caused by a flaw when kube-apiserver is using logLevel >= 9 [CVE-2020-8565]. Kubernetes is included in the Speech utilities used by our service. This...
5.5CVSS
5.4AI Score
0.0004EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to sensitive information exposure in Kubernetes, caused by storing credentials in the log by the client-go library [CVE-2019-11250]. Kubernetes is included in the Speech utilities used by our service. This...
6.5CVSS
5.5AI Score
0.001EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when preparing an NSEC3 closest encloser proof. [CVE-2023-50868]. ISC BIND is included as a Base OS package used by our Service Runtimes. This vulnerabilitiy....
6.8AI Score
0.0005EPSS