Scoutmob Local Deals & Event Security Vulnerabilities

CVE-2024-6295 udn News App - Insecure Data Storage

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

CVE-2024-22385 File and Directory Permission Vulnerability in Hitachi Storage Provider for VMware vCenter

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.This issue affects Hitachi Storage Provider for VMware vCenter: from 3.1.0 before...

CVE-2024-22385 File and Directory Permission Vulnerability in Hitachi Storage Provider for VMware vCenter

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows local users to read and write specific files.This issue affects Hitachi Storage Provider for VMware vCenter: from 3.1.0 before...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1829)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-1847)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2024-1819)

According to the versions of the mod_http2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1821)

The remote host is missing an update for the Huawei...

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1835)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This...

EulerOS 2.0 SP11 : expat (EulerOS-SA-2024-1831)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1846)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1808)

The remote host is missing an update for the Huawei...

Fedora: Security Advisory for thunderbird (FEDORA-2024-6de8bb7c1b)

The remote host is missing an update for...

CVE-2024-38384

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued __blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start is being executed. If WRITE of ->lqueued is re-ordered with READ of 'bisc->lnod...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1812)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1829)

The remote host is missing an update for the Huawei...

Mageia: Security Advisory (MGASA-2024-0232)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1824)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1841)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2024-1809)

The remote host is missing an update for the Huawei...

Fedora 39 : libopenmpt (2024-018a95fb38)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-018a95fb38 advisory. Update from 0.7.6 to 0.7.8 for more bug-fixes. https://lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/ ...

EulerOS 2.0 SP11 : glusterfs (EulerOS-SA-2024-1833)

According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use- after-free.(CVE-2022-48340) Tenable...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1816)

The remote host is missing an update for the Huawei...

RHEL 9 : redhat-ds:12 (RHSA-2024:4092)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4092 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access...

RHEL 8 : [23.0] Security update for the 23.0 (RPMs) (Low) (RHSA-2024:4081)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4081 advisory. The quarkus-mandrel-java and quarkus-mandrel-23 packages provide the GraalVM installation for the quarkus/mandrel-23-rhel8:23.0 container...

FreeBSD : chromium -- multiple security fixes (2b68c86a-32d5-11ef-8a0f-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2b68c86a-32d5-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1849)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2024-1830)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.(CVE-2024-30205) In Emacs...

Fedora: Security Advisory for chromium (FEDORA-2024-d2b54d5a9d)

The remote host is missing an update for...

Fedora: Security Advisory for tomcat (FEDORA-2024-c404b99f19)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2024-0236)

The remote host is missing an update for...

RHEL 9 : python3.11 (RHSA-2024:4077)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4077 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

Ubuntu: Security Advisory (USN-6845-1)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2024-0233)

The remote host is missing an update for...

Fedora: Security Advisory for webkitgtk (FEDORA-2024-826bf5a09a)

The remote host is missing an update for...

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1828)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

EulerOS 2.0 SP11 : sssd (EulerOS-SA-2024-1826)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1818)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1839)

The remote host is missing an update for the Huawei...

Fedora 40 : thunderbird (2024-bf1c613d5a)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-bf1c613d5a advisory. Update to 115.12.1 * https://www.thunderbird.net/en-US/thunderbird/115.12.1/releasenotes/ * https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/ ...

SUSE: Security Advisory (SUSE-SU-2024:2173-1)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1822)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1820)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libyaml (EulerOS-SA-2024-1817)

The remote host is missing an update for the Huawei...

SUSE: Security Advisory (SUSE-SU-2024:2170-1)

The remote host is missing an update for...

EulerOS 2.0 SP11 : libyaml (EulerOS-SA-2024-1817)

According to the versions of the libyaml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1833)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-1811)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting...

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1825)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do...