Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-3019 |
Description:
Nessus Plugin ID 234595 with Medium Severity
Synopsis
The remote CBL Mariner host is missing one or more security updates.
Description
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3019 advisory. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. (CVE-2023-3019)Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/234595
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2023-3180 |
Description:
Nessus Plugin ID 234596 with Medium Severity
Synopsis
The remote CBL Mariner host is missing one or more security updates.
Description
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3180 advisory. - A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ. (CVE-2023-3180)Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/234596
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2023-3255 |
Description:
Nessus Plugin ID 234597 with Medium Severity
Synopsis
The remote CBL Mariner host is missing one or more security updates.
Description
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3255 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition May lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. (CVE-2023-3255)Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/234597
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2023-3255 |
Description:
Nessus Plugin ID 234598 with Medium Severity
Synopsis
The remote Azure Linux host is missing one or more security updates.
Description
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3255 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition May lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. (CVE-2023-3255)Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/234598
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2024-10041 |
Description:
Nessus Plugin ID 234605 with Medium Severity
Synopsis
The remote SUSE host is missing a security update.
Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1334-1 advisory. - CVE-2024-10041: sensitive data exposure while performing authentications. (bsc#1232234)Tenable has extracted the preceding description block directly from the SUSE security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/234605
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2024-54551 |
Description:
Nessus Plugin ID 234606 with Critical Severity
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1336-1 advisory. - Update to version 2.48.1 - CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content (bsc#1240962) - CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe (bsc#1240961) - CVE-2025-24209: buffer overflow may lead to crash when processing maliciously crafted web content (bsc#1240964) - CVE-2025-24213: type confusion issue may lead to memory corruption (bsc#1240963) - CVE-2025-24216: improper memory handling may lead to an unexpected crash when processing certain web content (bsc#1240986) - CVE-2025-24264: improper memory handling may lead to unexpected crash when processing certain web content (bsc#1240987) - CVE-2025-30427: use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content (bsc#1240958)Tenable has extracted the preceding description block directly from the SUSE security advisory.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affecte...
EPSS Score: 0.17%
April 18th, 2025 (about 15 hours ago)
|
|
CVE-2024-56431 |
Description:
Nessus Plugin ID 234612 with Critical Severity
Synopsis
The remote SUSE host is missing a security update.
Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1340-1 advisory. - CVE-2024-56431: Fixed a negative shift in huffdec.c (bsc#1234837).Tenable has extracted the preceding description block directly from the SUSE security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected libmozjs-115-0, mozjs115 and / or mozjs115-devel packages.
Read more at https://www.tenable.com/plugins/nessus/234612
April 18th, 2025 (about 15 hours ago)
|
|
Description:
Nessus Plugin ID 234615 with Critical Severity
Synopsis
The remote PhotonOS host is missing multiple security updates.
Description
An update of the mozjs package has been released.
Solution
Update the affected Linux packages.
Read more at https://www.tenable.com/plugins/nessus/234615
April 18th, 2025 (about 15 hours ago)
|
|
|
Description:
Nessus Plugin ID 234616 with Info Severity
Synopsis
Dell Trusted Device is installed on the remote Windows host.
Description
Dell Trusted Device (formerly known as Dell BIOS Verification) is installed on the remote Windows host.
Solution
null
Read more at https://www.tenable.com/plugins/nessus/234616
April 18th, 2025 (about 15 hours ago)
|
|
Description: Here's our live panel and podcast from SXSW!
April 18th, 2025 (about 15 hours ago)
|