64 matches found
EUVD-2017-18293
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-14098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could...
Linux Distros Unpatched Vulnerability : CVE-2017-17664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before...
CVE-2023-20869
VMware Workstation 17.x and VMware Fusion 13.x contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine...
macOS 13.x < 13.7.6 Multiple Vulnerabilities (122718)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.6. It is, therefore, affected by multiple vulnerabilities: - A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML...
CVE-2024-48926
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server...
CVE-2024-48927
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full...
CVE-2024-48927 Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they “preview” SVG files in full...
CVE-2024-48926
CVE-2024-48926 affects Umbraco CMS. The issue is an insufficient session expiration in the Backoffice where the logout page shows a timeout message ~30 seconds before the server session expires. Affected versions: 13.x prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. Patches are p...
CVE-2024-48926 Umbraco CMS logout page displayed before session expiration
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server...
CVE-2024-48926 Umbraco CMS logout page displayed before session expiration
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server...
PostgreSQL TOCTOU Vulnerability (Aug 2024) - Linux
PostgreSQL is prone to a time-of-check time-of-use TOCTOU race condition vulnerability in pgdump. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
PostgreSQL TOCTOU Vulnerability (Aug 2024) - Windows
PostgreSQL is prone to a time-of-check time-of-use TOCTOU race condition vulnerability in pgdump. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
PostgreSQL 12.x < 12.18, 13.x < 13.14, 14.x < 14.11, 15.x < 15.6, 16.x < 16.1 Privilege Escalation Vulnerability - Linux
PostgreSQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PostgreSQL 12.x < 12.18, 13.x < 13.14, 14.x < 14.11, 15.x < 15.6, 16.x < 16.1 Privilege Escalation Vulnerability - Windows
PostgreSQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
macOS 13.x < 13.6.4 Multiple Vulnerabilities (HT214058)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.6.4. It is, therefore, affected by multiple vulnerabilities: - The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS...
macOS 13.x < 13.6.1 Multiple Vulnerabilities (HT213985)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.6.1. It is, therefore, affected by multiple vulnerabilities: - The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS...
CVE-2023-34046
VMware Fusion TOCTOU local privilege escalation (CVE-2023-34046) affects Fusion 13.x prior to 13.5 during initial installation or upgrade. A local non-administrative user can escalate privileges to root on the host. VMware’s VMSA-2023-0022 and accompanying resources specify a fixed version of 13....
VMware Fusion Security Vulnerability
VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion versions 13.x through 13.5 and earlier, which stems from a local elevation of privilege vulnerability...
macOS 13.x < 13.4.1 (a) WebKit Code Execution (HT213825)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.4.1 a. It is, therefore, affected by a code execution vulnerability in the WebKit component. Processing web content may lead to arbitrary code execution. Note that Nessus has not tested for these issues but has...