CVE-2021-47390 KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm] Read of size 8 at addr...
6.8 AI Score
0.0004 EPSS
.NET Denial of Service vulnerability
Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...
7.5 CVSS
6.5 AI Score
0.001 EPSS
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe...
6.5 AI Score
EPSS
CVE-2021-47390 KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm] Read of size 8 at addr...
6.4 AI Score
0.0004 EPSS
KB5017311: Windows 10 version 17784 / Azure Stack HCI Security Update (September 2022)
The remote Windows host is missing security update 5017311. It is, therefore, affected by multiple miscellaneous security improvements to internal OS...
7.5 AI Score
KB5014698: Windows 10 version 17784 / Azure Stack HCI Security Update (June 2022)
The remote Windows host is missing security update 5014698. It is, therefore, affected by multiple vulnerabilities resulting in miscellaneous security improvements to internal OS...
7.6 AI Score
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 2.1 and above. This advisory also provides guidance on what developers can do to...
8.1 CVSS
8 AI Score
0.001 EPSS
KB5015809: Windows 10 version 17784 / Azure Stack HCI Security Update (July 2022)
The remote Windows host is missing security update 5015809. It is, therefore, affected by miscellaneous security issues with the functionality of the internal...
7.6 AI Score
CVE-2024-35989 dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...
7 AI Score
0.0004 EPSS
KB5004950: Windows 10 1507 LTS OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5003209: Windows 8.1 and Windows Server 2012 R2 Security Update (May 2021)
The remote Windows host is missing security update 5003209. It is, therefore, affected by multiple...
9.9 CVSS
7.6 AI Score
0.937 EPSS
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt....
6.7 AI Score
0.0004 EPSS
CVE-2024-35989 dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...
6.3 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...
6.6 AI Score
0.0004 EPSS
KB4592504: Windows Server 2008 December 2020 Security Update
The remote Windows host is missing security update 4592504 or cumulative update 4592498. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information....
5.5 CVSS
6.5 AI Score
0.0004 EPSS
Security Updates Outlook for Windows (April 2024)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a spoofing vulnerability. External attackers could send specially crafted emails that will cause a connection from the victim to an untrusted location of attackers' control....
8.1 CVSS
7.9 AI Score
0.001 EPSS
MITRE Corporation reports: inc/user.class.php in GLPI before 9.4.3 allows XSS via a user...
6.1 CVSS
2.7 AI Score
0.001 EPSS
KB5004946: Windows 10 1909 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5004959: Windows Server 2008 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
Fedora 30 : python3 / python3-docs (2019-9bfb4a3e4b)
Python 3.7.4 is the fourth and most recent maintenance release of Python 3.7. Changelog for final, 3.7.4 release candidate 2 and 3.7.4 release candidate 1. Contains security fixes for CVE-2019-9948 and CVE-2019-10160. Note that Tenable Network Security has extracted the preceding description block....
9.8 CVSS
8.9 AI Score
0.007 EPSS
KB5004960: Windows Server 2012 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5030220: Windows 10 LTS 1507 Security Update (September 2023)
The remote Windows host is missing security update 5030220. It is, therefore, affected by multiple vulnerabilities: Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161); Windows TCP/IP Denial of Service Vulnerability (CVE-2023-38149); Windows Miracast Wireless...
8.8 CVSS
7.5 AI Score
0.001 EPSS
KB5004945: Windows 10 2004 / 20H2 / 21H1 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5004947: Windows 10 1809 and Windows Server 2019 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5003697: Windows Server 2012 Security Update (June 2021)
The remote Windows host is missing security update 5003697. It is, therefore, affected by multiple...
9.4 CVSS
8.5 AI Score
0.966 EPSS
KB5003695: Windows Server 2008 Security Update (June 2021)
The remote Windows host is missing security update 5003695. It is, therefore, affected by multiple...
9.4 CVSS
8.4 AI Score
0.966 EPSS
KB5003172: Windows 10 version 1507 LTS Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9 CVSS
7.3 AI Score
0.937 EPSS
RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.3] (RHSA-2022:8502)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8502 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators...
6.5 CVSS
7.4 AI Score
0.001 EPSS
glpi -- SQL injection for all usages of "Clone" feature
MITRE Corporation reports: In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in...
7.1 CVSS
1.7 AI Score
0.001 EPSS
Fedora 29 : python3 / python3-docs (2019-60a1defcd1)
Python 3.7.4 is the fourth and most recent maintenance release of Python 3.7. Changelog for final, 3.7.4 release candidate 2 and 3.7.4 release candidate 1. Contains security fixes for CVE-2019-9948 and CVE-2019-10160. Note that Tenable Network Security has extracted the preceding description block....
9.8 CVSS
8.9 AI Score
0.007 EPSS
KB5003169: Windows 10 version 1909 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9 CVSS
7.3 AI Score
0.937 EPSS
KB5003174: Windows 10 version 1803 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9 CVSS
7.3 AI Score
0.937 EPSS
KB4578013: Windows 8.1 and Windows Server 2012 R2 August 2020 Additional Security Update
The remote Windows host is missing security update 4578013. It is, therefore, affected by multiple vulnerabilities: An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory. (CVE-2020-1530) An elevation of privilege vulnerability exists when...
7.8 CVSS
8.7 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare...
6.6 AI Score
0.0004 EPSS
KB5004951: Windows 7 and Windows Server 2008 R2 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5004948: Windows 10 1607 and Windows Server 2016 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5004958: Windows Server 2012 R2 OOB Security Update RCE (July 2021)
A remote command execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An authenticated, remote attacker can exploit this to bypass and run arbitrary code with SYSTEM...
8.8 CVSS
9.4 AI Score
0.967 EPSS
KB5003197: Windows 10 1607 / Windows Server 2016 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9 CVSS
7.3 AI Score
0.937 EPSS
KB5033369: Windows 11 version 21H2 Security Update (December 2023)
The remote Windows host is missing security update 5033369. It is, therefore, affected by multiple vulnerabilities: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006); Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...
8.8 CVSS
8.1 AI Score
0.035 EPSS
KB5033427: Windows Server 2008 Security Update (December 2023)
The remote Windows host is missing security update 5033427. It is, therefore, affected by multiple vulnerabilities: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006). A division-by-zero error on some AMD processors can potentially return...
8.8 CVSS
7.7 AI Score
0.033 EPSS
KB5030261: Windows Server 2008 R2 Security Update (September 2023)
The remote Windows host is missing security update 5030261. It is, therefore, affected by multiple vulnerabilities: Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161); DHCP Server Service Information Disclosure Vulnerability (CVE-2023-36801, CVE-2023-38152) ...
7.8 CVSS
7 AI Score
0.005 EPSS
KB5007207: Windows 10 LTS 1507 Security Update (November 2021)
The Windows installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. An elevation of...
8.8 CVSS
8.5 AI Score
0.055 EPSS
KB5007205: Windows 2022 Security Update (November 2021)
The remote Windows host is missing security update. See Vendor Advisory for...
9 CVSS
7.3 AI Score
0.904 EPSS
KB5006675: Windows 10 version 1507 LTS Security Update (October 2021)
The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple...
8.8 CVSS
7.7 AI Score
0.512 EPSS
KB5003687: Windows 10 version 1507 LTS Security Update (June 2021)
The remote Windows host is missing security update 5003687. It is, therefore, affected by multiple...
9.4 CVSS
8.4 AI Score
0.966 EPSS
KB5003694: Windows 7 and Windows Server 2008 R2 Security Update (June 2021)
The remote Windows host is missing security update 5003694. It is, therefore, affected by multiple...
9.4 CVSS
8.4 AI Score
0.966 EPSS
KB5003646: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2021)
The remote Windows host is missing security update 5003646. It is, therefore, affected by multiple...
9.4 CVSS
8.1 AI Score
0.966 EPSS
The remote Windows host is missing security update 4551762. It is, therefore, affected by a remote code execution vulnerability. The vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the...
10 CVSS
9.2 AI Score
0.975 EPSS