CVE-2021-33586

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...

CVE-2020-6937

A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion...

CVE-2024-11168

The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser...

SUSE-RU-2024:3971-1 Recommended update for mojo-parent

This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-2641)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : pypy3.9 (2023-af5206f71d)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-af5206f71d advisory. Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html Security fix for CVE-2022-37454, CVE-2022-45061, CVE-2022-42919. Tenable h...

EulerOS Virtualization 2.11.0 : python3 (EulerOS-SA-2024-1434)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It...

Tencent Blueking CMDB Security Vulnerability

Tencent Blueking CMDB is a configuration management database system from Tencent, China. A security vulnerability exists in Tencent Blueking CMDB versions v3.2.x through v3.9.x, which stems from /service/subscription.go contains a server-side request forgery vulnerability that allows an attacker ...

PT-2023-32788 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.9 through 3.9.6 GitHub Enterprise Server versions 3.10 through 3.10.3 GitHub Enterprise Server versions 3.11 through 3.11.0 Description: An improper authentication issue was identified in GitHub Enterprise...

Rocky Linux 9 : python3.9 (RLSA-2022:8493)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8493 advisory. - Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python multiprocessing...

AlmaLinux 8 : python27:2.7 (ALSA-2023:5994)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5994 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus h...

CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2023:5998)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:5998 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HT...

Moodle 3.9.x < 3.9.8 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.8, 3.10.x prior to 3.10.5 or 3.11.x prior to 3.11.1. It is, therefore, affected by multiple vulnerabilities: - An SQL injection in the library fetching a user's enrolled courses. CVE-2021-36392 - An SQL injection in the...

Moodle 3.9.x < 3.9.10 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.10, 3.10.x prior to 3.10.7 or 3.11.x prior to 3.11.3. It is, therefore, affected by multiple vulnerabilities: - A session hijack vulnerability was identified in the Shibboleth authentication plugin, when enabled...

Moodle 3.11.x < 3.11.8 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities: - A code injection through an omitted execution parameter elading to Remote Code Execution RCE for sites running...

Moodle 3.9.x < 3.9.5 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.17, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.5 or 3.10.x prior to 3.10.2. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability attack due to the lack of sanitization of th...

Moodle 3.9.x < 3.9.19 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability due to the lack of sanitization of some returnurl...

Moodle 3.9.x < 3.9.18 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...

Moodle 3.9.x < 3.9.4 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.16, 3.8.x prior to 3.8.7, 3.9.x prior to 3.9.4 or 3.10.x prior to 3.10.1. It is, therefore, affected by multiple vulnerabilities: - A client-side Denial of Service DoS attack due to the lack of character limit when sending...

Moodle 3.9.x < 3.9.14 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.14, 3.10.x prior to 3.10.11, 3.11.x prior to 3.11.7 or 4.0.x prior to 4.0.1. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability in ID numbers displayed when bulk...