CVE-2025-31344 |
Description: Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C.
This issue affects giflib: through 5.2.2.
CVSS: HIGH (7.3) EPSS Score: 0.01%
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234257 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3624 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3624.
Read more at https://www.tenable.com/plugins/nessus/234257
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234259 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3615 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3615.
Read more at https://www.tenable.com/plugins/nessus/234259
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234261 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3619 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3619.
Read more at https://www.tenable.com/plugins/nessus/234261
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2024-55549 |
Description:
Nessus Plugin ID 234266 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libxslt.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3613 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3613.
Read more at https://www.tenable.com/plugins/nessus/234266
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234270 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3612 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3612.
Read more at https://www.tenable.com/plugins/nessus/234270
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234273 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3626 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3626.
Read more at https://www.tenable.com/plugins/nessus/234273
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2024-55549 |
Description:
Nessus Plugin ID 234277 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libxslt.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3614 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3614.
Read more at https://www.tenable.com/plugins/nessus/234277
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-24855 |
Description:
Nessus Plugin ID 234278 with High Severity
Synopsis
The remote Red Hat host is missing one or more security updates for libxslt.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3625 advisory.
libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.
Security Fix(es):
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxslt package based on the guidance in RHSA-2025:3625.
Read more at https://www.tenable.com/plugins/nessus/234278
CVSS: HIGH (7.8)
April 14th, 2025 (7 days ago)
|
CVE-2025-30204 |
Description:
Nessus Plugin ID 234280 with High Severity
Synopsis
The remote Red Hat host is missing a security update for grafana.
Description
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3616 advisory.
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL grafana package based on the guidance in RHSA-2025:3616.
Read more at https://www.tenable.com/plugins/nessus/234280
CVSS: HIGH (7.5) EPSS Score: 0.02%
April 14th, 2025 (7 days ago)
|