Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2025-1996)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2022-1996 vulnerabilities
Vulnerabilities for packages: kubeflow...
CVE-2021-1996
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic...
Linux Distros Unpatched Vulnerability : CVE-2022-1996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. CVE-2022-1996 Note that Nessus relies on the presence...
Linux Distros Unpatched Vulnerability : CVE-2013-1996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign...
SUSE SLES15 / openSUSE 15 Security Update : aws-iam-authenticator (SUSE-SU-2024:4329-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4329-1 advisory. - CVE-2022-1996: Fixed CORS bypass (bsc#1200528). Tenable has extracted the preceding description block directly from the SUSE...
openSUSE Security Advisory (SUSE-SU-2024:4329-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE-SU-2024:4329-1 Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues: - CVE-2022-1996: Fixed CORS bypass (bsc#1200528)...
Fedora 37 : golang-cloud-google (2022-6e5bcf2979)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6e5bcf2979 advisory. Automatic update for golang-cloud-google-0.103.0-2.fc37. Changelog: Wed Aug 3 2022 Robert-André Mauchin 0.103.0-2 - Fix tests on other arches. Mon Aug ...
Fedora 37 : golang (2022-bf188fb91a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf188fb91a advisory. Automatic update for golang-1.18.4-1.fc37. Changelog: Wed Jul 13 2022 Alejandro Sáez - 1.18.4-1 - Update to 1.18.4. Sun Jun 19 2022 Robert-André Mauchin...
LevelOne WBR-6012 Web Application information disclosure vulnerability
Talos Vulnerability Report TALOS-2024-1985: LevelOne WBR-6012 Web Application information disclosure vulnerability. October 30, 2024. CVE Number: CVE-2024-33603. Summary: The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users ...
Photon OS 4.0: Calico PHSA-2023-4.0-0427
An update of the calico package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0427. The text itself is copyright (C) VMware, Inc...
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-1996 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
RHEL 5 : libfs (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libFS: Sign extension issues resulting in heap-based buffer overflow (CVE-2013-1996). Note that Nessus has not tested...
Security Bulletin: IBM Storage Fusion is vulnerable to authorization bypass due to go-restful.
Summary: emicklei/go-restful is used by IBM Storage Fusion's isf-prereq-operator to create pre-requisite resources and deploy dependent operators (CVE-2022-1996). Vulnerability Details: CVEID: CVE-2022-1996. DESCRIPTION: go-restful could allow a remote attacker to bypass security restrictions, caused ...
RHEL 8 : openshift-gitops-kam (RHSA-2023:3229)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3229 advisory. Security Fixes: go-restful: Authorization Bypass Through User-Controlled Key (CVE-2022-1996). For more details about the security issues, including the...
RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...
CVE-2024-1996
creationtimestamp | type | source
---|---|---
2024-03-13 17:37:14+00:00 | seen | https://t.me/ctinow/206945...
CVE-2024-1996
The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-1996 Premium Addons for Elementor PRO <= 2.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget link
The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...