CVE-2023-28736 |
Description:
Nessus Plugin ID 216368 with Medium Severity
Synopsis
The remote Azure Linux host is missing one or more security updates.
Description
The version of mdadm installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28736 advisory. - Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-28736) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/216368
February 17th, 2025 (5 months ago)
|
CVE-2023-39742 |
Description:
Nessus Plugin ID 216369 with Medium Severity
Synopsis
The remote CBL Mariner host is missing one or more security updates.
Description
The version of giflib installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-39742 advisory. - giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. (CVE-2023-39742) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Read more at https://www.tenable.com/plugins/nessus/216369
February 17th, 2025 (5 months ago)
|
CVE-2022-49043 |
Description:
Nessus Plugin ID 216370 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libxml2.
Description
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1516 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxml2 package based on the guidance in RHSA-2025:1516.
Read more at https://www.tenable.com/plugins/nessus/216370
February 17th, 2025 (5 months ago)
|
CVE-2020-11023 |
Description:
Nessus Plugin ID 216371 with Medium Severity
Synopsis
The remote Red Hat host is missing a security update for idm:DL1.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1515 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL idm:DL1 package based on the guidance in RHSA-2025:1515.
Read more at https://www.tenable.com/plugins/nessus/216371
February 17th, 2025 (5 months ago)
|
CVE-2022-49043 |
Description:
Nessus Plugin ID 216372 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libxml2.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1517 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libxml2 package based on the guidance in RHSA-2025:1517.
Read more at https://www.tenable.com/plugins/nessus/216372
February 17th, 2025 (5 months ago)
|
CVE-2020-11023 |
Description:
Nessus Plugin ID 216373 with Medium Severity
Synopsis
The remote Red Hat host is missing a security update for ipa.
Description
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1514 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL ipa package based on the guidance in RHSA-2025:1514.
Read more at https://www.tenable.com/plugins/nessus/216373
CVSS: MEDIUM (6.9)
February 17th, 2025 (5 months ago)
|
Description: Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications.
Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin.
"The malware is compiled in Golang and once executed it acts like a backdoor," security researcher Leandro Fróes said in an analysis
February 17th, 2025 (5 months ago)
|
Description: Microsoft has announced the deprecation and eventual removal of the Location History feature in Windows, which allowed applications, including Cortana, to access 24 hours of stored device location data. This change, set to take effect this month, will remove the corresponding settings from the Privacy & Security > Location page in Windows Settings, and location …
The post Microsoft to Deprecate Location History Feature in Windows appeared first on CyberInsider.
February 17th, 2025 (5 months ago)
|
Description: Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. contain an out-of-bounds write vulnerability.
February 17th, 2025 (5 months ago)
|
Description: OMRON CX-Programmer contains an out-of-bounds read vulnerability.
February 17th, 2025 (5 months ago)
|